Skills
skills/phrazzld/claude-config/dashboard/Gen Agent Trust Hub

dashboard

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill uses curl and the stripe CLI to perform data retrieval. This grants the agent the ability to execute shell commands using the user's local credentials and environment.
  • [EXTERNAL_DOWNLOADS] (SAFE): Network requests are performed to legitimate, trusted endpoints (PostHog, Stripe, Sentry) to fetch analytics and financial data.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes external data which serves as a potential surface for injection. 1. Ingestion points: API responses from PostHog, Stripe, and Sentry processed by the agent. 2. Boundary markers: Absent; the agent is instructed to read raw data without explicit delimiters or safety warnings. 3. Capability inventory: Subprocess execution via curl and stripe CLI tools. 4. Sanitization: No validation or sanitization of external API data is mentioned in the process flow.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 08:32 PM