Skills
skills/fonnesbeck/shay-mwa/chezmoi-chef/Gen Agent Trust Hub

chezmoi-chef

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references downloading the installation script for chezmoi from the official get.chezmoi.io domain.
  • [COMMAND_EXECUTION]: Provides examples for executing system commands, including package management via sudo apt or sudo dnf within setup scripts, which are standard operations for system configuration.
  • [REMOTE_CODE_EXECUTION]: Describes the use of chezmoi init to clone and apply dotfile configurations from remote git repositories like GitHub, which is a core functionality of the tool.
  • [CREDENTIALS_UNSAFE]: Instructions cover the management of sensitive files like ~/.ssh/id_rsa and ~/.aws/credentials. The skill mitigates risk by recommending built-in encryption (--encrypt) and password manager integrations.
  • [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection via the processing of external configuration repositories and templates. 1. Ingestion points: Remote git repositories and local dotfile templates. 2. Boundary markers: None. 3. Capability inventory: Shell script execution (run_ scripts), template command execution (output), and file system writes. 4. Sanitization: None.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 8, 2026, 10:32 PM