x07-run
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's primary purpose is to provide an interface for executing arbitrary programs and tools using the
x07 runcommand. It supports passing command-line arguments, stdin, and binary inputs to external processes.\n- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it ingests external data through files, stdin, or base64 input, which may be processed by the toolchain (e.g., during the auto-repair loop). The documentation encourages the use of sandboxing to mitigate risks.\n - Ingestion points: Data enters the execution context via
--input,--stdin, or--input-b64flags (documented in SKILL.md).\n - Boundary markers: No explicit boundary markers or instruction-ignoring warnings are present in the documentation.\n
- Capability inventory: The tool can execute subprocesses and access the filesystem/network as defined by user policies.\n
- Sanitization: Security is implemented via sandbox profiles (
--profile sandbox) and network allowlists/denylists.
Audit Metadata