ziniao-staff

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use a local CLI tool (ziniao-cli) to perform staff management tasks. These operations are within the stated scope of the skill's functionality.
  • [PROMPT_INJECTION]: The skill uses directive language (e.g., "CRITICAL — MUST") to mandate the reading of shared security rules and documentation before executing commands. This is used as a safety mechanism to ensure the agent acts according to pre-defined protocols, rather than an attempt to bypass system guards.
  • [DATA_EXFILTRATION]: While the skill handles sensitive employee information such as names and login credentials, this is the primary purpose of the tool. There are no patterns indicating that this data is being transmitted to unauthorized external domains.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 12:43 AM