ziniao-skill-maker
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documents the use of the
ziniao-clibinary. It provides instructions for the agent to use specific commands such asziniao-cli apiandziniao-cli zclaw invoketo perform tasks. These are documented as standard operating procedures for the tool's functionality. - [PROMPT_INJECTION]: The skill contains a template that uses strong imperative language (e.g., "CRITICAL — 开始前 MUST 先用 Read 工具读取") to ensure the agent loads necessary configuration from a shared file. In this context, the language is used to maintain architectural consistency and handle authentication requirements within the vendor's ecosystem, rather than to bypass safety guidelines.
- [SAFE]: No obfuscation, data exfiltration, or persistence mechanisms were detected. The skill functions as a template generator and documentation guide for legitimate vendor tooling.
Audit Metadata