      bjesuiter

      Safety Report

      Bridle

      @bjesuiter

      Unified configuration manager for AI coding assistants. Manage profiles, install skills/agents/commands, and switch configurations across Claude Code, OpenCode, Goose, and Amp.

      2,026 Downloads
      0 Installs
      0 Stars
      3 Versions
      File Management 2,100

      Security Analysis

      medium confidence
      Clean

      The skill's purpose and commands are coherent, but it omits explicit declarations about touching other tools' config directories and installs a third‑party binary — it can install arbitrary GitHub repos into other harness configs, which is potentially risky.

      Mar 7, 2026 · 1 file · 5 concerns

      Purpose & Capability: note

      The name/description match the runtime instructions: the skill simply shells out to a 'bridle' binary that manages profiles and harness configs. However, the SKILL.md documents reading/writing many harness config paths (e.g., ~/.claude/, ~/.config/opencode/, ~/.config/goose/, ~/.config/bridle/config.toml) yet the skill metadata declares no required config paths. That omission is an inconsistency — the tool will need access to other tools' config directories but the skill does not explicitly request or document that access.

      Instruction Scope: concern

      Runtime instructions tell the agent to run 'bridle' commands (init, profile create/switch/edit, install owner/repo) and reference specific user config locations. In particular, 'bridle install owner/repo' implies cloning/installing arbitrary GitHub repos into harness config directories. That capability can introduce untrusted code or modify other agents' configurations; the SKILL.md does not limit or qualify what will be installed or warn about validating code, so the instruction scope is broader and higher-risk than a simple config viewer/editor.

      Install Mechanism: note

      Install options are Homebrew (neiii/bridle/bridle), cargo install, or git clone/build. Homebrew uses a third‑party tap (neiii) rather than an official formula, which is a moderate trust consideration. cargo install/git clone are traceable to source but will build/run code locally. No opaque URL shorteners or unknown archive extracts are present, but you should verify the brew tap and crate/repo owners before installing.

      Credentials: note

      The skill declares no required environment variables or credentials, which fits a local CLI manager. However, the documented workflows (installing from GitHub, writing to other harness configs) may require network access and write access to ~/.config/ and other home directories, and they may prompt for credentials when accessing private repos — none of which are declared. That mismatch should be noted.

      Persistence & Privilege: concern

      The skill is not always-on, but its described operations explicitly modify other harnesses' configuration directories and install components (skills/agents/commands) into them. Modifying other agents' or skills' configs is a meaningful privilege and increases blast radius: a malicious or buggy installed component could alter behavior across multiple AI assistants. The skill metadata does not document safeguards or required approvals for installations.

      Guidance

      This skill is coherent with its stated purpose (it wraps a 'bridle' CLI), but it will read and write configuration in multiple other AI harness directories and can install arbitrary GitHub repos into those locations. Before installing or running it: (1) verify the Homebrew tap / crate / upstream GitHub repo and review the source if possible; (2) back up the config directories listed (~/.claude, ~/.config/opencode, ~/.config/goose, ~/.amp, ~/.config/bridle); (3) prefer installing from reviewed source code rather than a third‑party binary if you don't trust the tap; (4) be cautious about running 'bridle install owner/repo' for untrusted repositories — those components can execute code within your agent environment; (5) expect the tool to need write access to your home config directories and potentially network/GitHub credentials for private repos. If you need higher assurance, inspect the bridle repository/formula and the code it would deploy before use.

      Latest Release

      v1.1.0

      - Added explicit author field with contact information in the skill metadata.
      - Updated metadata formatting for improved readability and YAML structure.
      - No changes to core functionality or usage instructions.

      Published by @bjesuiter on ClawHub
