eightctl
Warn
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: MEDIUMREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill's metadata contains configuration to fetch and build a Go module directly from a remote source (github.com/steipete/eightctl/cmd/eightctl@latest). This involves downloading and executing external code on the local environment.
- [EXTERNAL_DOWNLOADS]: The skill depends on an external binary that is not pre-packaged with the skill, requiring it to be pulled from a third-party developer's repository during installation.
- [COMMAND_EXECUTION]: The skill provides instructions for the agent to run the
eightctlCLI tool with various system-impacting flags (e.g., status, on/off, temp, alarm), allowing the agent to spawn local processes and interact with network APIs.
Audit Metadata