promql-cli
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download the
promql-clibinary from its official GitHub repository (github.com/nalbury/promql-cli). This is a well-known source for the documented software. - [COMMAND_EXECUTION]: Documentation for installing the tool includes commands using
sudoto move binaries to system paths like/usr/local/bin/. These are standard administrative actions for software installation. - [DATA_EXFILTRATION]: The skill explicitly directs the AI agent to avoid creating or handling configuration files that contain authentication tokens or passwords. Instead, it instructs the agent to guide the user to manage these sensitive files manually, which prevents credential exposure to the model's history.
Audit Metadata