Skills
skills/ryzencool/dinox-cli-skills/dino-manage-tags/Gen Agent Trust Hub

dino-manage-tags

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute dino CLI commands for listing, creating, and modifying tags. This is the intended functionality.
  • [DATA_EXPOSURE]: The skill follows security best practices for secret management by instructing the agent not to ask for tokens and to rely on environment variables (DINOX_TOKEN) or the CLI's own authentication mechanism.
  • [PROMPT_INJECTION]: The skill identifies an indirect prompt injection surface when processing user-provided tag names.
  • Ingestion points: User-supplied tag names provided via the argument-hint and input parameters.
  • Boundary markers: The instructions explicitly warn to treat user-provided tag names as untrusted and to avoid running non-dino shell commands.
  • Capability inventory: The skill uses the Bash tool for command execution.
  • Sanitization: The skill requires showing the exact command to the user and getting explicit confirmation before any write operations, which acts as a manual review checkpoint.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 09:17 AM
Security Audit — agent-trust-hub — dino-manage-tags