acli
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill provides a command reference for the
aclitool. It includes mandatory safety rules requiring the agent to confirm destructive actions (likedeleteordeactivate) with the user and suggests dry-run validations before bulk operations. - [CREDENTIALS_UNSAFE] (SAFE): The skill correctly instructs the agent to use environment variables for authentication and warns against hardcoding tokens or exposing them in shell history. No hardcoded credentials were detected.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill provides capabilities to read and process data from Jira work items, creating a potential surface for indirect prompt injection. 1. Ingestion points: Data is pulled from Jira via
acli jira workitem searchandacli jira workitem view. 2. Boundary markers: None; the skill does not define delimiters to separate untrusted Jira content from agent instructions. 3. Capability inventory: The skill can create, edit, transition, and delete work items, and manage organization users. 4. Sanitization: No escaping or sanitization of ingested content is described in the reference documentation.
Audit Metadata