Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/fireflies-incident-runbook/Gen Agent Trust Hub

fireflies-incident-runbook

Fail

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill includes instructions to retrieve Kubernetes secrets and decode them from base64 into the terminal output, which exposes sensitive credentials to the agent's session and potential log storage.
  • Evidence: kubectl get secret fireflies-secrets -o jsonpath='{.data.api-key}' | base64 -d in SKILL.md.
  • [COMMAND_EXECUTION]: The skill executes high-privilege management commands on the production infrastructure, including modifying secrets and environment variables, and restarting services.
  • Evidence: kubectl create secret generic fireflies-secrets --from-literal=api-key=NEW_KEY and kubectl set env deployment/fireflies-integration RATE_LIMIT_MODE=queue in SKILL.md.
  • [EXTERNAL_DOWNLOADS]: Fetches service status information from status.fireflies.com and health metrics from internal application endpoints.
  • [PROMPT_INJECTION]: The skill processes untrusted external data from logs and API responses, creating an attack surface for indirect prompt injection.
  • Ingestion points: Reads error logs via kubectl logs and fetches network data via curl in SKILL.md.
  • Boundary markers: None present to distinguish between instructions and data.
  • Capability inventory: Permission to run kubectl, curl, and Bash commands.
  • Sanitization: No sanitization or validation of the retrieved logs or API content is performed.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 12, 2026, 01:06 AM