CodeRabbit CLI
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user or agent to download and execute an installation script from 'https://cli.coderabbit.ai/install.sh' using 'curl | sh'. This is a common installation pattern for developer tools and originates from the official domain of the service being integrated.
- [COMMAND_EXECUTION]: The skill facilitates the execution of 'coderabbit' (or 'cr') CLI commands to perform local code reviews, manage authentication, and output findings in agent-readable formats.
- [CREDENTIALS_UNSAFE]: The documentation includes an example of API key authentication. It uses a safe placeholder value ('cr-************') which does not expose actual secrets or credentials.
Audit Metadata