sops-encryption
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Tags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (HIGH): The installation instructions use wget to download a pre-compiled binary from the getsops GitHub organization, which is not on the trusted provider list, and then immediately grant it execute permission.
- Indirect Prompt Injection (HIGH): The skill is designed to process and decrypt external configuration and secrets files.
  1. Ingestion points: secrets.yaml and .sops.yaml.
  2. Boundary markers: Absent.
  3. Capability inventory: Execution of the sops binary and subsequent integration into agent workflows.
  4. Sanitization: Absent.
- Privilege Escalation (HIGH): The skill instructs the user to move downloaded binaries into system-level directories (/usr/local/bin) and modify file permissions (chmod +x), which are high-privilege operations.
Recommendations
- AI detected serious security threats