Skills
skills/getvhs/vhscli-skills/vhscli/Gen Agent Trust Hub

vhscli

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill executes code from the NPM registry using npx @getvhs/vhscli@latest to ensure the latest version of the vendor's platform tools is used.
  • [COMMAND_EXECUTION]: Utilizes shell commands including npx, file, sips, and ffmpeg to detect file types and process media assets.
  • [EXTERNAL_DOWNLOADS]: Fetches and runs the @getvhs/vhscli package from the public NPM registry at runtime.
  • [CREDENTIALS_UNSAFE]: Manages authentication tokens stored in the ~/.vhs/session.json file to maintain a session with the vendor's cloud services.
  • [DATA_EXFILTRATION]: Transfers user-provided media files (images, PDFs, and videos) to the vendor's server for analysis via the vhscli chat and generate commands.
  • [PROMPT_INJECTION]: The skill handles untrusted external data (media files) which presents a potential indirect prompt injection surface.
  • Ingestion points: Local files are ingested via -i, -f, and -v flags in the vhscli chat command as described in SKILL.md.
  • Boundary markers: No specific delimiters or boundary instructions are included in the prompt construction examples.
  • Capability inventory: The skill possesses capabilities for command execution and network communication via the vendor's CLI tool.
  • Sanitization: The instructions do not specify any sanitization or filtering of media content before it is uploaded and processed by cloud models.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 03:09 PM