clams
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to source the user's shell profiles (
~/.zshenvand~/.bashrc) at the start of a session to ensure thePATHis correctly configured for theclamsCLI. This is a common practice for CLI integrations to ensure the binary is discoverable. - [COMMAND_EXECUTION]: The skill includes several shell scripts in the
scripts/directory for rendering PDF reports and verifying the CLI state. These scripts execute standard command-line utilities such asjq,awk, andweasyprintto process JSON data from the CLI. - [INDIRECT_PROMPT_INJECTION]: The skill processes external data via CSV imports (
clams connections import) and custom mapping configurations. - Ingestion points: CSV files provided by the user and processed by the
clamsCLI. - Boundary markers: Not explicitly defined in the prompts, but the skill relies on structured JSON output (
--machine --format json) for script processing. - Capability inventory: The skill can execute CLI commands, write to specified output paths, and run internal shell scripts.
- Sanitization: Data parsing and validation are handled by the underlying
clamsbinary. - [DATA_EXPOSURE]: The skill handles sensitive financial information (balances, transactions, cost basis). The
README.mdcontains a dedicated privacy section informing users that this data is sent to the AI model provider during use.
Audit Metadata