sag

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs software from a third-party Homebrew tap (steipete/tap/sag). This introduces a dependency on external code maintained by an individual developer.
  • [COMMAND_EXECUTION]: The skill provides command templates that incorporate user-provided text into shell executions (e.g., sag ... "Your message here"). This creates a potential command injection surface if the agent does not adequately escape shell-metacharacters in the user's input. 1. Ingestion points: User-provided text for voice replies in SKILL.md. 2. Boundary markers: Shell quotes are present in templates but may be bypassed by adversarial input. 3. Capability inventory: Shell command execution of the sag binary. 4. Sanitization: No explicit sanitization or validation steps are defined for the user input.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 06:06 AM
Security Audit — agent-trust-hub — sag