superplane-cli
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
superplaneCLI for managing organization resources, which involves executing system commands to interact with the vendor's API. - [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it processes data from the SuperPlane environment and local configuration files.
- Ingestion points: Data enters the agent context through CLI command outputs (e.g.,
superplane canvases get) and local files (canvas.yaml). - Boundary markers: There are no explicit markers or instructions to delimit untrusted data from commands.
- Capability inventory: The skill has the capability to execute the
superplaneCLI and read/write local files. - Sanitization: No sanitization or validation procedures are defined for data ingested from external or local sources.
Audit Metadata