diagnose
Warn
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill provides a specific command to search for 'DEEPSEEK_API_KEY' within the
~/.env.algvexfile. Directing the agent to read and output secrets from environment files can lead to the accidental exposure of sensitive credentials to users or logs. - [COMMAND_EXECUTION]: The skill defines several procedures to execute local Python scripts (
scripts/diagnose.py,scripts/diagnose_realtime.py, andscripts/smart_commit_analyzer.py) within the user's home directory. This allows for arbitrary code execution in the context of the diagnostic tasks. - [DATA_EXPOSURE]: The diagnostic commands involve reading and potentially displaying contents from configuration files and system logs, including
/home/linuxuser/nautilus_AlgVex/configs/base.yamland.env.algvex.
Audit Metadata