Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/groq-common-errors/Gen Agent Trust Hub

groq-common-errors

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFECREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill provides a solution that echoes the GROQ_API_KEY variable to verify it is set correctly. This action exposes the plaintext API key in the command output and session history.
  • [DATA_EXFILTRATION]: The command env | grep GROQ is used to inspect the local configuration. This exposes environment variables containing sensitive service credentials to the agent's context and logs.
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute curl for status checks and grep for searching environment variables. While targeting official Groq domains, these commands facilitate the exposure of secrets.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it is designed to process untrusted data from error logs.
  • Ingestion points: Skill instructions direct the agent to 'Check error message and code in your logs or console'.
  • Boundary markers: None present; there are no delimiters or warnings to ignore instructions embedded within the logs.
  • Capability inventory: The skill has access to Bash (curl, grep) which could be misused if instructions in a log file were followed.
  • Sanitization: No sanitization or validation of the log content is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 12:26 AM