Skills
skills/sieteunoseis/grocer-cli/shelf-life-check/Gen Agent Trust Hub

shelf-life-check

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the grocer-cli utility to list, check status, and update expiration dates for pantry items via terminal commands.
  • [EXTERNAL_DOWNLOADS]: The skill documentation includes a requirement to install the grocer-cli package from the npm registry using npm install -g grocer-cli.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it processes information from the web to influence local commands. 1. Ingestion points: Web search results for shelf-life data from external sites (USDA, StillTasty, FDA). 2. Boundary markers: Not present; the agent parses the search results directly. 3. Capability inventory: Modifying local pantry records through grocer-cli extend and grocer-cli toss. 4. Sanitization: No specific filtering or validation of search results is described before they are used to calculate and update expiration dates.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 23, 2026, 07:26 PM