Skills
skills/oritwoen/boha/boha-cli/Gen Agent Trust Hub

boha-cli

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing the boha CLI tool through cargo install boha (via crates.io) and paru -S boha (via the Arch User Repository). These are the vendor's own installation paths for the tool described.
  • [COMMAND_EXECUTION]: The skill documentation includes numerous bash command templates for the boha binary, enabling the agent to execute local searches, data exports, and verification tasks related to cryptographic puzzles.
  • [PROMPT_INJECTION]: There is a potential for indirect prompt injection as the skill retrieves and processes data from external crypto puzzle databases.
  • Ingestion points: Data from puzzle collections is ingested via commands like boha list, boha search, and boha show defined in SKILL.md.
  • Boundary markers: No explicit boundary markers or instructions are provided to the agent to treat content from the puzzle descriptions as untrusted or to ignore embedded instructions.
  • Capability inventory: The skill enables the agent to open asset URLs in a browser using the --open flag and to pipe tool output into other shell utilities like jq (documented in SKILL.md).
  • Sanitization: There is no evidence of sanitization or filtering of the text content retrieved from the puzzle collections before it is presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 11:02 PM