Skills
skills/steedos/steedos-platform/cli-commands/Gen Agent Trust Hub

cli-commands

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for managing local server processes, including starting (steedos start) and restarting (steedos restart) instances, which involves process control and the use of PID files.
  • [CREDENTIALS_UNSAFE]: The documentation for steedos auth:login demonstrates using the -p flag to pass passwords directly in the command line, which is an insecure practice that can expose sensitive information to shell history or process monitoring tools.
  • [DATA_EXFILTRATION]: The skill includes commands for moving data and metadata to external targets, such as steedos source:deploy for remote server synchronization and steedos data:export for local file extraction.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing external configuration and data files.
  • Ingestion points: Local JSON and YAML files used in steedos data:import, steedos source:deploy, and steedos source:convert in SKILL.md.
  • Boundary markers: None identified within the provided command instructions.
  • Capability inventory: Server process management (steedos start/restart) and network data transmission (source:deploy) in SKILL.md.
  • Sanitization: Not documented in the CLI reference.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 23, 2026, 03:01 AM