geoflow-cli-ops
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes a local preflight shell script (scripts/geoflow_preflight.sh) and the bin/geoflow CLI tool to perform administrative operations.
- [DATA_EXFILTRATION]: Accesses local configuration and content files (task.json, article.md) to facilitate system updates and article publishing via the GEOFlow API.
- [PROMPT_INJECTION]: Analyzed as a surface for indirect prompt injection due to the ingestion of user-provided content.
- Ingestion points: Local data files like article.md and task.json.
- Boundary markers: No explicit instruction-ignoring delimiters are defined for file content processing.
- Capability inventory: File reading and shell command execution via the project CLI.
- Sanitization: No explicit sanitization or validation of the ingested file contents is performed before being passed to the CLI.
Audit Metadata