staging-token
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- CREDENTIALS_UNSAFE (HIGH): The skill is specifically designed to retrieve sensitive staging JWT tokens and credentials for the Aircall dashboard.
- COMMAND_EXECUTION (HIGH): The skill executes a shell command that sources and runs a local fish script (
get_token.fish) from the user's home directory. This script is external to the skill package, meaning its behavior is unverified and could perform arbitrary actions on the system. - DATA_EXFILTRATION (MEDIUM): The skill explicitly instructs the agent to 'Report back the result to the user.' This leads the agent to print the retrieved sensitive token into the chat context, exposing it to the chat history and any system that logs agent outputs.
Recommendations
- AI detected serious security threats
Audit Metadata