test-bk-cli

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on executing various subcommands of the bk-cli tool to interact with the BlueKing platform and its underlying services.
  • [SAFE]: The skill implements a strict allow-list approach for commands, explicitly instructing the agent to only execute read-only operations (e.g., get, list, search) while prohibiting destructive ones (e.g., delete, update, create).
  • [SAFE]: To protect the user's existing environment, the skill mandates the creation of a temporary context (test-ctx) for authentication tests, ensuring the default context remains unmodified and the temporary resources are deleted afterward.
  • [SAFE]: Authentication testing uses explicit placeholder values (test_bk_app_code, test_bk_token) rather than real secrets or prompting the user for sensitive credentials during the exploration phase.
  • [SAFE]: The skill includes clear protocols for handling 403 errors, instructing the agent to stop immediately rather than attempting to bypass security restrictions or probe alternative endpoints.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 07:52 AM
Security Audit — agent-trust-hub — test-bk-cli