config-management

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Findings: DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: Accesses and exposes sensitive configuration files.
  • The skill reads from ~/.alex/config.yaml (or a path provided via the ALEX_CONFIG_PATH environment variable), which typically contains sensitive agent settings and potentially credentials or API keys.
  • Use of the 'get' or 'list' actions exposes the contents of these configuration files directly to the agent's context.
  • [PROMPT_INJECTION]: Vulnerability to configuration tampering via Indirect Prompt Injection.
  • Ingestion points: The skill ingests untrusted data for configuration keys and values through JSON arguments in the run.py script.
  • Boundary markers: Absent; there are no delimiters or instructions to ignore embedded commands within the processed data values.
  • Capability inventory: The script has the capability to both read from (_read_config) and write to (_write_config) the local filesystem to modify agent behavior.
  • Sanitization: Absent; values provided to the 'set' action are converted to strings and written to the configuration file without validation against a strict schema or sanitization of content.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 02:06 AM