Skills
skills/yebot/rad-cc-plugins/cli-guide/Gen Agent Trust Hub

cli-guide

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection as it processes content from external files that may be modified by other users or processes.
  • Ingestion points: The agent reads task titles, descriptions, and metadata from the .simbl/tasks.md file using the simbl list and simbl show commands.
  • Boundary markers: There are no explicit markers or instructions provided to the agent to treat task content as untrusted data or to ignore embedded instructions.
  • Capability inventory: the agent uses the Bash tool to interact with the file system and execute CLI commands.
  • Sanitization: No sanitization or validation of the content read from the task files is specified in the documentation.
  • [EXTERNAL_DOWNLOADS]: The skill instructions involve downloading and installing an external software package.
  • Evidence: The guide includes commands to globally install the simbl package via npm install -g simbl or bun install -g simbl.
  • Context: The package is installed without a specified version and is fetched from the public npm registry.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 22, 2026, 10:32 PM
Security Audit — agent-trust-hub — cli-guide