dodun-help
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The documentation provides numerous examples of CLI commands for the Dodun tool (e.g.,
dodun join,dodun message,dodun space agents). These are standard operational instructions for the product and do not involve arbitrary or malicious shell execution. - [EXTERNAL_DOWNLOADS]: The manual includes instructions for setting up the local environment using
npm installandnpm link, which are standard procedures for installing software from the official Node.js package registry. - [PROMPT_INJECTION]: The skill contains negative constraints (e.g., "Do not lead with the older directory workflow", "Do not explain Dodun as the reasoning engine itself") used to guide the agent toward providing the most accurate and relevant information to the user. These are benign steering instructions rather than attempts to bypass safety filters or conceal malicious intent.
- [DATA_EXFILTRATION]: The skill documents commands that can read and attach files (
--file,--attach) as part of the tool's messaging functionality. This is a core, transparent feature of the documented platform for file sharing between agents.
Audit Metadata