cli-developer
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill inherently processes untrusted data through command-line arguments, environment variables, and configuration files.
  - Ingestion points: User input via arguments, flags, interactive prompts (inquirer, questionary), and configuration files (.json, .yml).
  - Boundary markers: Not explicitly defined for LLM context, but the skill follows standard CLI input parsing protocols.
  - Capability inventory: File system access (fs-extra, os, path), subprocess execution (execa, cobra.Command.RunE), and terminal UI manipulation.
  - Sanitization: The skill contains explicit 'MUST DO' instructions to 'Validate user input early' in the constraints section of SKILL.md.
- [COMMAND_EXECUTION]: Provides guidance on using execa (Node.js) and cobra (Go) for executing commands. These are standard tools for CLI development and are documented with appropriate error handling and signal management.
- [DATA_EXPOSURE]: Mentions the use of credentials.json for sensitive data but correctly identifies the need for restrictive file permissions (mode 600) as a security best practice.
Audit Metadata