agent-ready-cli

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill instructions direct the agent to retrieve the AGENT_READY_API_KEY by searching local .env files using shell commands like grep. While this is a common developer workflow for managing secrets, .env files are sensitive locations that may contain other credentials.
  • [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill uses npm and npx to install and run the agent-ready-scanner package from the official NPM registry. These are well-known services used for distributing the vendor's legitimate scanning tools.
  • [INDIRECT_PROMPT_INJECTION]: The skill scans external URLs which could contain malicious instructions targeting the AI agent when it processes the resulting scan summary.
  • Ingestion points: Site scanning via the agent-ready scan <URL> command described in SKILL.md.
  • Boundary markers: Absent; the instructions do not provide specific delimiters to separate external site content from agent instructions.
  • Capability inventory: The skill can execute shell commands, install software via package managers, and read local configuration files.
  • Sanitization: No explicit sanitization or filtering of external site content is described in the skill workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 03:36 AM
Security Audit — agent-trust-hub — agent-ready-cli