Skills
skills/qfeius/contract-cli/contract-cli-api-call/Gen Agent Trust Hub

contract-cli-api-call

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of the contract-cli tool. It provides a structured interface for the api call subcommand, allowing the agent to perform HTTP operations (GET, POST, PUT) against relative paths.
  • [DATA_EXFILTRATION]: The skill describes how to transmit data to external Open Platform APIs via the /open-apis/ endpoint. It supports sending content from local files using the --input-file flag or inline strings using the --data flag. This is the intended purpose of the API call command and is constrained by path prefix requirements.
  • [CREDENTIALS_UNSAFE]: The skill uses a --profile flag and an --as flag to manage identity and authentication for API calls. No hardcoded secrets or unsafe credential storage practices were identified in the provided instructions.
  • [REMOTE_CODE_EXECUTION]: No remote code execution patterns or attempts to download and execute external scripts were detected. The skill focuses solely on the usage of a local CLI tool with predefined arguments.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 02:49 AM