poke-ordering
Warn
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [NO_CODE]: The skill requires a local script located at 'scripts/poke-cli.js' to function, but the source code for this script is not provided. This makes it impossible to verify the script's behavior, security protocols, or how it handles sensitive data like authentication tokens and personal contact information.
- [COMMAND_EXECUTION]: The skill instructions guide the agent to execute system commands (e.g., 'node scripts/poke-cli.js search --query ') using inputs provided by the user. This pattern is vulnerable to command injection if the underlying script or the execution environment fails to sanitize shell metacharacters in the user-provided strings.
- [COMMAND_EXECUTION]: Mandatory Evidence Chain for Ingestion Surface:
- Ingestion points: The skill accepts untrusted data from users via several CLI flags including '--location', '--query', and ingredient choices in the 'byo' command.
- Boundary markers: There are no instructions or delimiters defined to prevent the execution engine from interpreting malicious instructions embedded within these inputs.
- Capability inventory: The skill has the capability to execute Node.js scripts and process JSON files via the '--from' flag in the 'order' command.
- Sanitization: No sanitization logic is visible as the primary execution script ('poke-cli.js') is missing from the package.
Audit Metadata