test-bk-cli
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on executing various subcommands of the
bk-clitool to interact with the BlueKing platform and its underlying services. - [SAFE]: The skill implements a strict allow-list approach for commands, explicitly instructing the agent to only execute read-only operations (e.g.,
get,list,search) while prohibiting destructive ones (e.g.,delete,update,create). - [SAFE]: To protect the user's existing environment, the skill mandates the creation of a temporary context (
test-ctx) for authentication tests, ensuring thedefaultcontext remains unmodified and the temporary resources are deleted afterward. - [SAFE]: Authentication testing uses explicit placeholder values (
test_bk_app_code,test_bk_token) rather than real secrets or prompting the user for sensitive credentials during the exploration phase. - [SAFE]: The skill includes clear protocols for handling 403 errors, instructing the agent to stop immediately rather than attempting to bypass security restrictions or probe alternative endpoints.
Audit Metadata