bridle
Warn
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's installation metadata and documentation promote downloading the 'bridle' binary from a third-party Homebrew tap ('neiii/bridle/bridle') and the Cargo package registry, which are external to the official platform.
- [COMMAND_EXECUTION]: The skill uses shell commands in its installation metadata (
cargo install bridle) and documents various CLI commands intended for the agent to execute, which perform extensive file system modifications and configuration management. - [REMOTE_CODE_EXECUTION]: The tool features a command (
bridle install owner/repo) that allows it to download and integrate agents, commands, and skills from arbitrary GitHub repositories directly into the execution environments of supported AI assistants. - [DATA_EXFILTRATION]: The skill specifically targets and interacts with sensitive configuration directories, including
~/.claude/,~/.config/goose/, and~/.config/opencode/. These paths are known to store sensitive information such as API keys, environment variables, and interaction history, posing a high risk of credential exposure if the tool or installed components are malicious.
Audit Metadata