route-tester
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
Categories: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [CREDENTIALS_UNSAFE] (HIGH): The skill includes hardcoded root credentials for a MySQL database (`-u root -ppassword1`) in the database verification section. Hardcoding administrative passwords in skill instructions is a critical security risk.
- [CREDENTIALS_UNSAFE] (MEDIUM): Hardcoded test credentials (`testuser/testpassword`) are provided for the Keycloak authentication flow. While labeled for testing, these credentials could be abused if they exist in a reachable environment.
- [DATA_EXFILTRATION] (MEDIUM): The instructions direct the agent to access and read sensitive configuration files like `config.ini` and `.env` to retrieve the `jwtSecret`. This exposes high-value secrets to the agent's context.
- [COMMAND_EXECUTION] (MEDIUM): The skill relies on the execution of a local JavaScript file (`test-auth-route.js`) and various shell commands (`curl`, `docker exec`, `node`). This represents a significant capability surface that could be exploited if untrusted data is interpolated into these commands.
- [PROMPT_INJECTION] (LOW): There is a risk of indirect prompt injection, as the agent is instructed to 'verify response data' and 'check database changes'. Malicious data returned from an API or database could influence subsequent agent actions because no boundary markers or sanitization steps are defined.
Recommendations
- AI detected serious security threats
Audit Metadata