check-config
Fail
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: HIGH
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill is designed to fetch and display `magic_link_tokens` from the configuration store. These tokens are sensitive authentication credentials. Commands like `python -m scripts.check_config_store --keys magic_link_tokens --raw` and the `inspect_store.sh` script facilitate the direct exposure of these secrets to the agent's output and memory bank.
- [COMMAND_EXECUTION]: The skill relies on executing local shell scripts and Python modules via subprocesses. It executes `./.cline/skills/check-config/inspect_store.sh` and invokes `python -m scripts.check_config_store`.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by ingesting and displaying potentially untrusted data from the Redis configuration store or JSON files. (Ingestion points: Config store data accessed in `SKILL.md` and `inspect_store.sh`; Boundary markers: No delimiters or ignore instructions are present; Capability inventory: Execution of shell scripts and Python modules; Sanitization: None mentioned for the processed configuration values).
Recommendations
- AI detected serious security threats
Audit Metadata