just
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill documents the use of `just` to execute recipes which can contain arbitrary shell commands or scripts in languages like Python and Node.js. This is a powerful capability that allows command execution, but it is the central function of the tool and no malicious pre-configured commands were found.
- [DATA_EXFILTRATION] (SAFE): No hardcoded credentials, sensitive file access patterns, or unauthorized network exfiltration logic were detected in the provided documentation or examples.
- [REMOTE_CODE_EXECUTION] (SAFE): The skill does not contain instructions to download and execute remote scripts (e.g., via `curl | bash`). It references official resources for the 'just' project.
- [PROMPT_INJECTION] (SAFE): No prompt injection markers or attempts to override system safety guidelines were identified in the skill metadata or body.
- [INDIRECT_PROMPT_INJECTION] (SAFE): The skill possesses a surface for indirect prompt injection as it processes user-provided `justfiles` (Ingestion: `justfile`; Boundary: Absent; Capability: Subprocess execution via `just`; Sanitization: Absent). However, since this is the primary purpose of a command runner skill, the severity is downgraded to SAFE.
Audit Metadata