analyticscli-cli
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8) as it processes data returned from external CLI commands to guide agent reasoning.
- Ingestion points: Data enters the agent's context through the output of commands like `analyticscli funnel`, `analyticscli breakdown`, and `analyticscli survey`, as described in `SKILL.md` and `references/playbooks/usecases.md`.
- Boundary markers: The instructions do not define explicit delimiters or provide instructions for the agent to ignore potentially malicious strings embedded within the analytics data.
- Capability inventory: The skill is capable of executing shell commands and writing files to the local system (e.g., using the `--out` flag to save SVG charts).
- Sanitization: There is no mention of sanitization or validation of the CLI output before it is interpolated into the agent's reasoning process.
Audit Metadata