
blucli

Status: Warn

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill metadata includes an installation step that fetches code from an unverified external source.
      • Evidence: The openclaw.install section uses go install github.com/steipete/blucli/cmd/blu@latest. This repository is not on the trusted vendors list, representing an unverifiable dependency from an unknown source.
  • [COMMAND_EXECUTION]: The skill requires the execution of a locally installed binary with various parameters.
      • Evidence: The skill documentation instructs the agent to run the blu command with arguments such as devices, play, pause, and volume set, which translates to subprocess execution on the host machine.
  • [PROMPT_INJECTION]: The skill provides an attack surface for indirect prompt injection from data ingested during runtime.
      • Ingestion points: Data entering the agent context via blu devices (discovery of local network names) and blu tunein search (results from external radio APIs).
      • Boundary markers: No delimiters or safety instructions are present to prevent the agent from obeying instructions embedded in device names or search results.
      • Capability inventory: The skill possesses the capability to execute shell commands and modify device states via the blu binary.
      • Sanitization: No evidence of sanitization or validation of the external output was found in the skill documentation.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 6, 2026, 01:22 AM