lmstudio-cli
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides tools and instructions for managing LM Studio instances via CLI and HTTP APIs. No malicious patterns such as credential theft, persistence, or data exfiltration were detected. The operations are restricted to the intended purpose of model management and endpoint verification.\n- [SAFE]: The Python helper script
scripts/check_lmstudio_endpoint.pyexplicitly disables SSL certificate verification (ssl.CERT_NONE). While this is a security best practice violation that could expose connections to man-in-the-middle attacks, it is a common configuration for interacting with local development servers and self-signed certificates in private environments.\n- [SAFE]: The skill performs network operations usingcurland Python'surllibto interact with user-specified hosts and ports. This is essential for its documented purpose of verifying and managing LM Studio servers.\n- [SAFE]: Indirect Prompt Injection Surface Analysis:\n - Ingestion points: The skill reads JSON data from LM Studio's
/v1/modelsand/v1/chat/completionsendpoints viacurlandscripts/check_lmstudio_endpoint.py.\n - Boundary markers: No explicit delimiters or instructions are used to separate API data from agent instructions.\n
- Capability inventory: The agent has access to
Bash(for running CLI tools),Write, andWebFetchtools.\n - Sanitization: The skill treats API responses as structured JSON data, which inherently limits the execution of embedded natural language instructions compared to free-text processing.
Audit Metadata