Skills
skills/indranilbanerjee/digital-marketing-pro/credential-switch/Gen Agent Trust Hub

credential-switch

Warn

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONCREDENTIALS_UNSAFEDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes local Python scripts credential-manager.py and execution-tracker.py via shell commands to perform actions such as retrieving, validating, and switching credential profiles based on user-provided brand slugs.
  • [CREDENTIALS_UNSAFE]: The skill directly accesses and modifies sensitive credential storage directories and files located at ~/.claude-marketing/credentials/ and ~/.claude-marketing/brands/, which contain API keys, OAuth tokens, and environment variables.
  • [DATA_EXFILTRATION]: During the validation phase, the skill initiates network requests to external marketing and analytics platform APIs to verify the validity of stored credentials, which constitutes a structured transfer of authentication data to remote services.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 1, 2026, 01:18 AM