keypo-signer
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
keypo-signer vault execcommand to run child processes with secrets injected into their environment. This enables the agent to execute tools likecargo,forge, or shell scripts with access to necessary credentials while keeping the secret values isolated from the agent's direct view and avoiding plaintext exposure in logs. - [EXTERNAL_DOWNLOADS]: The documentation includes instructions to install the
keypo-signerCLI tool via Homebrew from the vendor's official tap (keypo-us/tap/keypo-signer). The source code for the tool is hosted on the vendor's GitHub repository, and its use is consistent with the primary purpose of the skill.
Audit Metadata