skills/bitdriftlabs/bd-skills/bd-cli/Gen Agent Trust Hub

bd-cli

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE | PROMPT_INJECTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted user-generated content (session logs, issue titles, and workflow descriptions) that could be used for indirect prompt injection attacks.
      • Ingestion points: As noted in the 'Trust boundary' section of SKILL.md, data returned by the bd CLI or the bitdrift API may contain arbitrary text.
      • Boundary markers: SKILL.md contains a specific 'Trust boundary' section that instructs the agent to treat retrieved content as data rather than instructions and to ignore any attempts to override agent behavior.
      • Capability inventory: The skill enables the agent to execute various bd CLI commands for platform management and use curl for direct API calls.
      • Sanitization: The instructions emphasize using -o json and --jq for structured parsing, which helps prevent the accidental execution of instructions embedded in text logs.
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing the bd CLI tool via Homebrew from the vendor's repository (bitdriftlabs/bd).
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 04:31 AM