Skills
skills/customerio/cio-cli/cio/Gen Agent Trust Hub

cio

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches installation and configuration documentation from the official Customer.io GitHub repository (customerio/cio-cli).
  • [COMMAND_EXECUTION]: Executes shell commands using the cio utility for tool initialization and user authentication.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests data from a remote source that could contain malicious instructions. Ingestion points: Data is fetched from https://raw.githubusercontent.com/customerio/cio-cli/main/README.md. Boundary markers: Absent; the skill does not use delimiters to wrap the fetched external content. Capability inventory: The agent can execute any command provided by the cio CLI and shell. Sanitization: No content validation or filtering is applied to the remote file before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 08:43 PM