makecli
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the
makecliutility using Homebrew from the author's repository (brew tap qfeius/makecli). This is the expected installation path for the vendor's tool. - [COMMAND_EXECUTION]: The skill uses the
makeclicommand-line interface to perform resource management tasks such as creating apps, entities, and relations. It also includes a self-update functionality (makecli update) that retrieves updates from GitHub Releases. - [DATA_EXFILTRATION]: Configuration and credentials for the platform are stored locally in
~/.make/configand~/.make/credentials. The skill correctly instructs the user to run interactive configuration commands (likemakecli configure token) manually to ensure secure handling of sensitive tokens. - [PROMPT_INJECTION]: The skill processes local DSL YAML files and remote API responses to manage platform state. This introduces a surface for indirect instructions, although no specific malicious patterns were observed.
- Ingestion points:
makecli diff -f <path>,makecli apply -f <path>, and resourcelistcommands in SKILL.md and references/cli-reference.md. - Boundary markers: None specified for the YAML or JSON data being processed.
- Capability inventory: Shell command execution via
makecliand local file system access in SKILL.md. - Sanitization: No explicit validation or escaping of external content is mentioned in SKILL.md.
Audit Metadata