audit-agentic-cli
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements standard developer auditing tools and provides extensive documentation on building secure and agent-friendly command-line interfaces. No malicious code or exfiltration patterns were identified.
- [COMMAND_EXECUTION]: The helper script scripts/audit-cli-help.sh executes local commands provided as arguments (e.g., CLI --help). This is the intended functionality for auditing local binary discoverability and is safe within the context of a development tool.
- [PROMPT_INJECTION]: The skill is subject to an indirect prompt injection surface because it reads and processes output from external CLI help commands.
- Ingestion points: Output from CLI --help and CLI --version is captured in scripts/audit-cli-help.sh and processed by the agent.
- Boundary markers: Absent. The script captures raw text from the binary output.
- Capability inventory: The skill provides shell scripts for file diffing and CLI inspection. Reference documentation provides patterns for network access and file system operations.
- Sanitization: Absent. The captured text is processed directly to identify flags and examples.
Audit Metadata