herdr
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
herdrCLI to interact with a local daemon, allowing it to split terminal panes and execute shell commands within them. This is the primary function of the tool. - [EXTERNAL_DOWNLOADS]: The
herdr integration installcommand is documented for adding support for various agents. This is a built-in feature of the herdr platform and originates from the tool vendor. - [DATA_EXFILTRATION]: The skill permits reading the output of other terminal panes via
herdr pane read. This allows the agent to observe sibling sessions and logs locally within the herdr environment. - [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by design as it reads terminal output from untrusted sources (e.g., external logs or other agents). * Ingestion points:
herdr pane readandherdr wait output. * Boundary markers: None specified in instructions. * Capability inventory: Command execution viaherdr pane run. * Sanitization: None.
Audit Metadata