timestripe
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is an official integration guide for the Timestripe CLI, enabling users to manage goals, tasks, and spaces.\n- [EXTERNAL_DOWNLOADS]: The skill recommends installing the CLI via Homebrew or Go from the vendor's official GitHub organization (github.com/timestripe), which is a trusted source for this vendor's tools.\n- [COMMAND_EXECUTION]: Shell commands are used to interact with the Timestripe CLI. These commands are limited to the tool's intended functionality and do not exhibit malicious behavior.\n- [CREDENTIALS_UNSAFE]: Authentication is handled via API tokens or OAuth2 with loopback addresses, using standard placeholders and avoiding the storage of actual credentials in the skill file.\n- [PROMPT_INJECTION]: While the skill processes user-generated Markdown content (e.g., goal descriptions), it does so using structured CLI interactions, which limits the surface for indirect prompt injection.
Audit Metadata