vaults
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill relies extensively on executing the `casedev` CLI to perform operations. This is the intended design for providing vault management capabilities.
- DATA_EXFILTRATION (LOW): The skill is designed to upload local files and directories to the case.dev cloud platform. Users should ensure they only upload data intended for this external service.
- Indirect Prompt Injection (LOW): The skill possesses an attack surface for indirect prompt injection.
  - Ingestion points: Processes local documents via `upload` and retrieves content via `search` and `list` operations.
  - Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore instructions embedded within the vault documents.
  - Capability inventory: Includes file reading (upload), file writing (download), and network communication (via the CLI tools).
  - Sanitization: No sanitization of document content is performed before search results are presented to the agent, potentially allowing malicious content in documents to influence agent behavior.