Skills
skills/greenheadhq/nixos-config/hosting-anki/Gen Agent Trust Hub

hosting-anki

Warn

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: MEDIUMCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill provides instructions to display the Anki sync password in cleartext by using 'sudo cat' on the agenix secret file located at /run/agenix/anki-sync-password.
  • [REMOTE_CODE_EXECUTION]: The documentation includes commands to fetch and run external tools directly from GitHub (e.g., 'nix run github:ryantm/agenix'), which involves executing code from unverified third-party repositories.
  • [EXTERNAL_DOWNLOADS]: The skill references external scripts and tools hosted on GitHub and remote repositories for service setup and secret management.
  • [COMMAND_EXECUTION]: Multiple high-privilege operations are described, including using 'sudo' for service management, process termination ('kill -9'), and potentially destructive file system actions ('rm -f' on lock files).
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 14, 2026, 05:20 PM