keepass-credential-anthropic
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill defines a workflow for the secure storage and retrieval of Anthropic API credentials using a vault.
- [SAFE]: It includes strong security constraints, such as forbidding the disclosure of raw keys in conversation and mandating immediate rotation upon any detected exposure.
- [PROMPT_INJECTION]: The skill monitors for sensitive credential patterns in processed data, which presents an indirect prompt injection surface.
- Ingestion points: The skill triggers on mentions of 'sk-ant-' prefixed keys or Anthropic environment variables in the chat or code context (SKILL.md).
- Boundary markers: No specific delimiters or 'ignore' instructions are provided for the captured key data before it is processed.
- Capability inventory: The skill utilizes vault storage tools and has the capability to write directly to .env or other configuration files (SKILL.md).
- Sanitization: No explicit validation or sanitization of the key format is defined before storage or file-writing operations.
Audit Metadata