using-jq
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a purely informational resource providing syntax references and usage patterns for jq. It contains no executable scripts or autonomous commands.
- [SAFE]: The skill explicitly includes security best practices, such as warning the user/agent against shell variable interpolation in jq filters to avoid command injection risks. It correctly recommends using
--argand--argjsonfor safe data handling. - [SAFE]: Tool integration examples (e.g., Jira CLI, GitHub CLI, and curl) are standard, well-documented patterns for developer workflows and do not involve any malicious exfiltration or unauthorized access patterns.
- [SAFE]: No obfuscation, persistence mechanisms, or privilege escalation patterns were found across the documentation files.
Audit Metadata