primitive-chat
Pass
Audited by Gen Agent Trust Hub on Jun 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use the
primitiveCLI to manage accounts (primitive account show), sign up (primitive agent start-agent-signup), and perform email operations (primitive chat,primitive emails). These commands are part of the intended functionality of the vendor's tool. - [EXTERNAL_DOWNLOADS]: The skill requires installing the
@primitivedotdev/clipackage via npm or a Homebrew tap. These resources are owned and maintained by the skill's author ('primitivedotdev'). - [PROMPT_INJECTION]: The skill processes inbound emails, which is a known surface for indirect prompt injection (Category 8). Malicious content in a received email could attempt to influence the agent's behavior. The skill documentation mitigates this by instructing the agent to use structured
--jsonoutput for parsing and providing explicit guidelines on when to seek user confirmation.
Audit Metadata