devtools-secrets
Fail
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: HIGH
COMMAND_EXECUTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the shell execution prefix (`!`) throughout the `SKILL.md` file to automatically run commands and gather system state.
  - Evidence includes checks for tool availability (`command -v mise`, `fnox --version`) and project configuration validation.
- [DATA_EXFILTRATION]: The skill accesses and displays potentially sensitive information from local configuration files and environment definitions.
  - Sensitive paths accessed: `~/.config/mise/config.toml` and `~/.config/fnox/config.toml` (both use `head -10` to display content).
  - Environment exposure: The skill executes `grep -A5 '^\[env\]' mise.toml`, which can reveal environment variables and secrets not protected by redaction.
  - Identity exposure: Runs `infisical user get` to display current user session information.
- [REMOTE_CODE_EXECUTION]: The skill contains patterns for downloading and executing code from remote URLs without verification.
  - Piped execution: Recommends `curl https://mise.run | sh` if the `mise` tool is missing.
  - Remote script execution: The file `references/infisical-patterns.md` includes `curl -1sLf 'https://dl.infisical.com/get-cli.sh' | bash`. Note: Infisical is a well-known service domain.
- [EXTERNAL_DOWNLOADS]: Fetches installation scripts and configuration references from external domains including `mise.run` and `dl.infisical.com`.
Recommendations
- HIGH: Downloads and executes remote code from: https://mise.run - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata