Skills
skills/bgauryy/octocode/octocode-cli/Gen Agent Trust Hub

octocode-cli

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses octocode-cli, jq, and printf to interact with GitHub and process data.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface.
  • Ingestion points: Data is retrieved from GitHub via octocode-cli search-code and get-file.
  • Boundary markers: No delimiters are used to isolate untrusted content.
  • Capability inventory: The agent can execute shell commands based on retrieved data.
  • Sanitization: No validation of external content is performed.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:44 AM
Security Audit — agent-trust-hub — octocode-cli