eliteforge-poseidon-cli
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the eliteforge-poseidon-cli package from a package registry using pipx. This is a vendor-provided tool required for the skill's primary functionality.
- [COMMAND_EXECUTION]: The skill executes various commands including pipx for installation, jq for data processing, and the poseidon CLI for platform operations like application creation and deployment.
- [PROMPT_INJECTION]: The skill reads application logs and error data from the Poseidon platform, which constitutes a surface for indirect prompt injection. * Ingestion points: Log data retrieved via poseidon ops search-logs and runtime errors via poseidon atomic runtime-errors. * Boundary markers: No delimiters or ignore instructions are used for the retrieved data. * Capability inventory: The skill can trigger builds, deploy apps, and modify configurations. * Sanitization: There is no evidence of sanitization or validation of the ingested log content.
Audit Metadata