bat-cat
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious code, credential theft, or unauthorized access patterns were identified. The skill acts exclusively as a documentation and installation wrapper for a well-known open-source tool.
- [EXTERNAL_DOWNLOADS]: The skill's metadata facilitates the installation of the 'bat' binary through official repositories for Homebrew and APT. These are well-known and trusted package management services.
- [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from local files, creating a surface for indirect prompt injection if the agent interprets the tool's output as instructions.
- Ingestion points: Commands such as
bat README.mdandbat file.jsonin SKILL.md demonstrate the reading of external file content. - Boundary markers: No specific delimiters or instructions to ignore embedded content are included in the usage examples.
- Capability inventory: The skill provides the ability to execute the
batbinary to read and display file content. - Sanitization: No sanitization is performed by the tool; security relies on the agent's internal handling of ingested text.
Audit Metadata