hk
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of shell commands through the 'hk' command-line tool. These commands are defined in a project's 'hk.pkl' configuration file under the 'check' and 'fix' keys to perform code linting and formatting.
- [EXTERNAL_DOWNLOADS]: The configuration examples utilize the Pkl package manager to import remote configuration schemas and built-in linter definitions directly from the official 'jdx/hk' GitHub repository releases.
- [INDIRECT_PROMPT_INJECTION]: The skill processes project-level configuration files, creating a potential surface for indirect prompt injection. If an agent is directed to test or initialize hooks within a malicious repository, a crafted 'hk.pkl' file could define harmful shell commands to be executed during the 'check' or 'fix' phases.
  - Ingestion points: The 'hk.pkl' configuration file within a project's root directory.
  - Boundary markers: None; the 'hk' tool executes the strings provided in the configuration.
  - Capability inventory: The 'hk' utility can execute arbitrary shell subprocesses as part of its primary functionality.
  - Sanitization: The skill does not provide mechanisms to sanitize the shell commands defined in the local configuration files, as they are intended for developer-controlled workflows.
Audit Metadata