boxlang-commandbox
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides an installation command that downloads a script from the official vendor domain (downloads.ortussolutions.com) and pipes it directly to bash. This is the vendor's standard method for installing the CommandBox CLI tool.
- [COMMAND_EXECUTION]: Includes instructions for using system package managers (apt-get) and CommandBox CLI commands for server lifecycle management, environment configuration, and module installation.
- [EXTERNAL_DOWNLOADS]: Fetches GPG keys and setup scripts from the vendor's infrastructure to facilitate verified software installation.
Audit Metadata