managing-agent-secrets
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill includes shell commands using standard tools like
rg(ripgrep),git, andstatto audit local directories for hardcoded secrets and verify file permissions. These commands are used for local analysis and do not involve network exfiltration or malicious intent. - [DATA_EXPOSURE] (SAFE): The skill intentionally references sensitive file patterns (e.g., .env, private keys) and credential formats to teach the agent how to recognize and protect them. No real credentials or sensitive data are included; all examples use descriptive placeholders like 'sk-abc123...'.
- [REMOTE_CODE_EXECUTION] (SAFE): While the skill mentions external tools like BFG Repo-Cleaner, it does not include instructions to download or execute unverified remote scripts.
Audit Metadata