skills-cli
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Facilitates the execution of management commands via the bunx package runner as detailed in SKILL.md.
- [EXTERNAL_DOWNLOADS]: Enables the retrieval of skill configurations and instruction sets from external repositories such as GitHub, including references to Vercel Labs.
- [REMOTE_CODE_EXECUTION]: Installs remote content that dictates agent behavior, effectively extending the agent's logic through the add and update commands.
- [PROMPT_INJECTION]: This category flags the ingestion surface for third-party instructions from external sources specified in references/cli.md. The skill modifies agent instruction directories like ~/.codex/skills/ and ~/.claude/skills/. While it lacks explicit sanitization of fetched content, it includes guardrails in SKILL.md advising the user to avoid untrusted repositories.