aident-loadout-skill
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides instructions for installing the Aident CLI using a shell script fetched from the vendor's domain (app.aident.ai) and piped directly to bash. This is a documented installation method for the service.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute various CLI commands (e.g., 'aident login', 'aident capabilities execute') to interact with external integrations and manage the user's environment.
- [CREDENTIALS_UNSAFE]: The skill manages authentication tokens and configuration settings stored in the user's home directory (~/.aident/). The documentation includes security best practices, such as recommending specific file permissions (chmod 600) for the credentials file.
- [PROMPT_INJECTION]: The instructions include a directive for the agent to fetch and follow content from a remote vendor-controlled URL (https://aident.ai/SKILL.md) for updates, which allows for dynamic instruction loading from a known source.
Audit Metadata