btp-ba2-cli
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the 'vulhunt-ce' CLI tool to interact with the Binarly Transparency Platform. This involves running system commands to manage products, upload firmware for scanning, and download results.- [PROMPT_INJECTION]: The skill processes structured JSON output from the 'vulhunt-ce' CLI, which constitutes an indirect prompt injection surface.
- Ingestion points: Output from CLI commands defined in SKILL.md.
- Boundary markers: No specific boundary markers or 'ignore' instructions are used for the tool output.
- Capability inventory: Shell command execution ('vulhunt-ce') and file system access for uploading and downloading binary files.
- Sanitization: No explicit sanitization or validation of the platform's JSON responses is defined.
Audit Metadata