cbi-repo
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a set of management capabilities centered on the CreatiBI CLI tool (cbi). Its instructions are consistent with its stated purpose of asset and repository management, with no evidence of malicious intent or unauthorized access patterns.
- [COMMAND_EXECUTION]: The skill defines a command skeleton for the cbi tool. All execution is limited to the functionality provided by this specific CLI for tasks like repository listing, file creation, and project management. There is no evidence of arbitrary command execution or system-level tampering.
- [PROMPT_INJECTION]: The skill processes structured metadata such as video signals and AI analysis results (analysis JSON). This defines a surface for Indirect Prompt Injection.
- Ingestion points: The agent ingests data from external sources via
cbi repository file-detailandcbi project script-get(specifically the signals and analysis fields). - Boundary markers: Explicit boundary markers for the AI-generated metadata are not defined in the instructions.
- Capability inventory: The skill can perform write operations such as
cbi repository file-createandcbi project script-savebased on ingested data. - Sanitization: While explicit sanitization is not mentioned, the skill instructions mandate that the agent should not output raw command content or original error text, which serves as a mitigation against information leakage and certain injection attacks.
Audit Metadata