headless-adapters
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTIONNO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to spawn and interact with CLI tools (e.g., 'claude', 'gemini') as subprocesses based on configurations in the 'schemas/' directory.
- [EXTERNAL_DOWNLOADS]: Instructions specify the use of 'bunx @plaited/agent-eval-harness', which retrieves the necessary execution package from the NPM registry at runtime.
- [PROMPT_INJECTION]: The skill creates an indirect injection surface by processing and extracting data from external CLI agent outputs. * Ingestion points: Standard output (stdout) of the wrapped CLI tools like 'claude' and 'gemini'. * Boundary markers: Absent in the provided schemas. * Capability inventory: Interaction with local CLI binaries via subprocess. * Sanitization: No validation or sanitization is performed on the data extracted via JSONPath.
- [NO_CODE]: The skill consists of documentation and JSON configuration files, containing no local script files like .js or .py.
Audit Metadata