aident-loadout-skill

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides instructions for installing the Aident CLI using a shell script fetched from the vendor's domain (app.aident.ai) and piped directly to bash. This is a documented installation method for the service.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute various CLI commands (e.g., 'aident login', 'aident capabilities execute') to interact with external integrations and manage the user's environment.
  • [CREDENTIALS_UNSAFE]: The skill manages authentication tokens and configuration settings stored in the user's home directory (~/.aident/). The documentation includes security best practices, such as recommending specific file permissions (chmod 600) for the credentials file.
  • [PROMPT_INJECTION]: The instructions include a directive for the agent to fetch and follow content from a remote vendor-controlled URL (https://aident.ai/SKILL.md) for updates, which allows for dynamic instruction loading from a known source.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 08:13 PM
Security Audit — agent-trust-hub — aident-loadout-skill