control-cli
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses established local tools such as
tmuxand the Pythonptymodule for its primary purpose of CLI testing and profiling. - [SAFE]: No external downloads, remote script execution, or unverifiable dependencies were identified.
- [SAFE]: The skill includes explicit security guardrails, such as instructing the agent not to send credentials into sessions and ensuring cleanup of temporary resources.
- [SAFE]: No patterns of data exfiltration or credential harvesting were found. The Node.js inspector is configured to listen only on the local interface (127.0.0.1).
- [SAFE]: While the skill ingests terminal output to drive interactions (a potential surface for indirect prompt injection), this behavior is essential for its function and is documented for use in local, developer-controlled environments.
Audit Metadata