skills/5dive-com/skills/5dive-cli/Gen Agent Trust Hub

5dive-cli

Pass

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses sudo 5dive to perform high-privilege system operations on the host VM. This includes creating and removing Linux users (e.g., agent-<name>), managing systemd units (5dive-agent@<name>.service), and interacting with tmux sessions. These operations are within the stated purpose of the skill for agent lifecycle management.
  • [EXTERNAL_DOWNLOADS]: The CLI facilitates downloading and installing agent binaries (e.g., via 5dive agent install <type>) and additional skills from the vendor's repository (e.g., 5dive-com/skills). These downloads are directed at official vendor sources.
  • [REMOTE_CODE_EXECUTION]: The skill enables the execution of remote code by spawning new agent instances and installing external skills onto those agents. This is a core feature of the multi-agent orchestration design.
  • [INDIRECT_PROMPT_INJECTION]: The skill has a significant attack surface for indirect prompt injection as it processes data from external communication channels (Telegram, Discord) and inter-agent messages. It instructs the agent to parse attributes from <channel> tags and peer message envelopes to determine its actions, such as replying to specific chat IDs. There are no explicit instructions for input sanitization or boundary enforcement mentioned in the provided documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 29, 2026, 04:15 PM
Security Audit — agent-trust-hub — 5dive-cli