Skills
skills/zhiyuzi/hivo/hivo-club/Gen Agent Trust Hub

hivo-club

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates numerous operations by executing shell commands through the 'hivo' CLI tool, including creating clubs, managing members, and sharing files.
  • [DATA_EXFILTRATION]: The skill instructs the agent to verify the existence of '.hivo/identity.json' and read '../hivo-identity/SKILL.md' before proceeding. While this identity file likely contains authentication data such as Bearer tokens, the access is localized for configuration checks within the intended ecosystem.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted user data—such as club names, descriptions, and user bios—and passing them as arguments to shell commands.
  • Ingestion points: SKILL.md (e.g., name, DESC, NAME, BIO arguments in CLI commands).
  • Boundary markers: Absent; there are no instructions to the agent to treat this data as untrusted or to use delimiters.
  • Capability inventory: Extensive subprocess execution via the 'hivo' CLI across the skill body.
  • Sanitization: Absent; the instructions do not specify sanitization or escaping, effectively delegating safety to the underlying CLI tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 04:35 AM