skillboss

Fail

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The configuration file config.json contains a hardcoded API key with the prefix sk-, which represents a direct exposure of sensitive credentials.
  • [DATA_EXFILTRATION]: Documentation in SKILL.md and api-integration.md explicitly instructs the agent to read sensitive data from the local filesystem path ~/.config/skillboss/credentials.json. This pattern encourages the exposure of user credentials stored in the standard CLI configuration location.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection in the 'Talking Head Video' workflow.
    • Ingestion points: Untrusted search results from the Perplexity and Linkup APIs are ingested into the agent context in workflows/talking-head-video/README.md.
    • Boundary markers: The prompt templates (e.g., Research: [PASTE SEARCH RESULTS HERE]) lack explicit delimiters or instructions to ignore embedded commands within the ingested data.
    • Capability inventory: The skill possesses extensive capabilities, including network calls via skb api call, file system writes with the -o flag, and script generation.
    • Sanitization: No sanitization or validation of the external content is performed before it is interpolated into the script generation prompts.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 17, 2026, 04:27 AM