cli-anything
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local Python scripts (
inspect_cli_anything.pyandrecommend_harness.py) to discover and evaluate software harnesses in the workspace. These scripts operate on hardcoded or discovered local paths and do not accept untrusted shell input. Additionally, the documentation provides command-line examples for installing local packages using pip, which is consistent with the skill's purpose as a developer tool. - [REMOTE_CODE_EXECUTION]: While the skill involves the installation and execution of third-party harnesses from a local repository, this is its intended functionality. The instructions specifically include safety rules for the agent, such as treating third-party code as untrusted and requiring explicit user consent before external publishing or execution.
Audit Metadata