secrets
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection via the processing of untrusted input in the form of connection strings.
- Ingestion points:
SKILL.md(Step 3) andscripts/parse-connection-string.shaccept and process arbitrary strings from users. - Boundary markers: No explicit boundary markers or instructions to disregard embedded commands in the input data are present.
- Capability inventory: The skill executes shell scripts and CLI commands (
goldsky secret create,goldsky secret list,goldsky secret reveal) which could be influenced if a user provides a maliciously crafted connection string that evades simple parsing. - Sanitization: The
parse-connection-string.shscript performs basic string replacement but lacks robust validation to ensure inputs are strictly valid connection strings before being used in CLI commands. - [COMMAND_EXECUTION]: The skill executes a bundled shell script (
scripts/parse-connection-string.sh) and the vendor's CLI tool (goldsky). These operations are required for the skill's stated purpose of secrets management and are executed locally.
Audit Metadata