teamcity-cli

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates shell command execution on local and remote systems through the teamcity agent exec and teamcity agent term commands, and interacts with the TeamCity server via its CLI.
  • [DATA_EXFILTRATION]: Provides functionality to retrieve stored secrets and tokens using teamcity project token put/get and download build artifacts with teamcity run download.
  • [REMOTE_CODE_EXECUTION]: Includes native support for executing arbitrary code on TeamCity build agents through the CLI's agent management subcommands.
  • [PROMPT_INJECTION]: Identified an indirect prompt injection surface in the babysit-build autonomous agent.
      • Ingestion points: The agent reads raw build logs (teamcity run log --raw) and test outputs (teamcity run tests) to diagnose failures.
      • Boundary markers: No specific delimiters or instructions to ignore embedded commands in logs are defined.
      • Capability inventory: The agent has Bash, Write, and Agent permissions, enabling it to modify the repository and execute commands on agents to apply fixes.
      • Sanitization: No evidence of sanitization or validation of the log content before it influences agent decisions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 09:37 AM
Security Audit — agent-trust-hub — teamcity-cli