outlit-cli
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@outlit/clipackage via npm. This is a vendor-owned package from the 'outlitai' organization and is considered a safe resource.\n- [COMMAND_EXECUTION]: Theoutlit setupcommand is used to auto-detect and configure local AI agent environments, which involves modifying configuration files for tools like Cursor and VSCode.\n- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection through data ingestion.\n - Ingestion points: SQL query results from
outlit sqland natural language search results fromoutlit search.\n - Boundary markers: There are no markers or delimiters defined in the command reference to differentiate external data from the agent's system instructions.\n
- Capability inventory: The skill can execute SQL queries, modify agent configurations via
outlit setup, and access local credential files in~/.config/outlit/.\n - Sanitization: No sanitization or validation of the data retrieved from the Outlit database is mentioned in the documentation.
Audit Metadata