Skills
skills/b-open-io/bsv-skills/encrypt-decrypt-backup/Gen Agent Trust Hub

encrypt-decrypt-backup

Fail

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: HIGHCOMMAND_EXECUTIONCREDENTIALS_UNSAFEDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts scripts/encrypt.ts and scripts/decrypt.ts use the exec function from node:child_process to run the bbackup CLI. User-provided inputs, including the backup password and file paths, are directly interpolated into a shell command string. An attacker could craft a password or filename containing shell metacharacters (e.g., "; malicious_command ; ") to execute arbitrary code on the underlying system.
  • [CREDENTIALS_UNSAFE]: The skill allows and encourages passing sensitive wallet passwords as command-line arguments. On most operating systems, command-line arguments are visible to all users via process monitoring tools like ps or top, leading to the potential exposure of private backup credentials.
  • [DATA_EXFILTRATION]: The skill is designed to process highly sensitive data, including private keys and wallet backups stored in /.flow/.bsv. While this is the skill's primary function, the presence of an absolute path and the shell injection vulnerability creates a significant risk for unauthorized access or exfiltration of cryptocurrency assets.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 18, 2026, 12:20 PM