python
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE] (HIGH): The skill provides instructions to execute commands that access the ~/.dbt directory. This directory is the default location for DBT profiles which frequently contain sensitive database credentials, passwords, and authentication tokens in plaintext.
- [EXTERNAL_DOWNLOADS] (HIGH): The skill references an untrusted personal blog (i9wa4.github.io) for environment setup instructions. Referencing external, unverified sources for system configuration steps allows for the potential execution of malicious commands or scripts hosted on third-party sites.
- [COMMAND_EXECUTION] (LOW): The skill utilizes command-line tools such as uv and dbt for environment management and execution, which is standard but provides the capability to interact with the underlying system.
Recommendations
- AI detected serious security threats
Audit Metadata