Skills
skills/zjandrew/te-cli/te-audience/Gen Agent Trust Hub

te-audience

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines mappings to the te-cli binary for managing user tags, clusters, and audience properties. The agent is instructed to execute these commands to interact with the TE Platform.- [PROMPT_INJECTION]: The skill ingests data from the TE platform (e.g., tag descriptions and cluster lists) through command outputs (files: SKILL.md, references/*.md). It lacks explicit instructions for the agent to use delimiters or sanitize this external data, creating a surface for potential indirect prompt injection. Mandatory Evidence: 1. Ingestion points: outputs from list-tags, get-tag, list-clusters, list-audience-events. 2. Boundary markers: Absent. 3. Capability inventory: Terminal execution of te-cli. 4. Sanitization: Absent.- [NO_CODE]: This skill consists solely of Markdown documentation and instructions. No executable scripts (Python, JavaScript, Shell) or binary files are bundled with the skill package.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 4, 2026, 05:24 AM