ziniao-skill-maker

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill documents the use of the ziniao-cli binary. It provides instructions for the agent to use specific commands such as ziniao-cli api and ziniao-cli zclaw invoke to perform tasks. These are documented as standard operating procedures for the tool's functionality.
  • [PROMPT_INJECTION]: The skill contains a template that uses strong imperative language (e.g., "CRITICAL — 开始前 MUST 先用 Read 工具读取") to ensure the agent loads necessary configuration from a shared file. In this context, the language is used to maintain architectural consistency and handle authentication requirements within the vendor's ecosystem, rather than to bypass safety guidelines.
  • [SAFE]: No obfuscation, data exfiltration, or persistence mechanisms were detected. The skill functions as a template generator and documentation guide for legitimate vendor tooling.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 12:44 AM