Skills
skills/stahura/domo-ai-vibe-rules/fileset-cli/Gen Agent Trust Hub

fileset-cli

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for executing the community-domo-cli tool to manage files in Domo FileSets. It uses standard shell commands with parameters like UUIDs and file paths to perform intended data management operations.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) because it retrieves and processes metadata and file content from external Domo storage containers which could contain untrusted data.
  • Ingestion points: Data enters the agent's context through the output of CLI commands such as filesets search, filesets files-search, and filesets query as described in SKILL.md.
  • Boundary markers: The instructions do not define specific delimiters or instructions to ignore potential commands embedded in the fileset metadata or content matches.
  • Capability inventory: The tool enables downloading files to the local file system, uploading files to Domo, and performing semantic search queries over file content.
  • Sanitization: There is no mention of sanitizing or validating the output from the CLI tool before the agent uses it for further actions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 04:54 PM