sc-load
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [CREDENTIALS_UNSAFE] (HIGH): The skill is designed to load environment variables and configuration files, which commonly contain secrets, API keys, and database credentials. This exposes sensitive data to the model's context.
- [COMMAND_EXECUTION] (HIGH): The skill documentation states it 'Applies Bash for environment validation'. Executing shell commands based on the state or content of untrusted project files is a significant security risk.
- [PROMPT_INJECTION] (HIGH): The skill is vulnerable to indirect prompt injection via the project files it analyzes.
  1. Ingestion points: Files within the user-specified 'target' directory, including dependencies and configurations.
  2. Boundary markers: Absent; no instructions or delimiters are provided to the agent to distinguish between data and potential instructions.
  3. Capability inventory: Bash execution, file reading (Read), and file discovery (Glob).
  4. Sanitization: Absent; the skill parses and validates configuration consistency without apparent safeguards against malicious payloads embedded in the data being read.
Recommendations
- AI detected serious security threats