openssl-selfsigned-cert
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill provides templates for shell commands (openssl, mkdir, cat) and a Python script using subprocess.run to interact with system binaries. While these are standard for certificate management, they involve direct system interaction. Evidence: Workflow steps 1-5 and the Python script template.
- [EXTERNAL_DOWNLOADS] (LOW): The skill mentions installing the 'cryptography' library if standard modules are insufficient. As this is a trusted package from a standard repository (PyPI), the risk is negligible per [TRUST-SCOPE-RULE]. Evidence: Section 'Prefer Standard Library Over External Dependencies'.
- [DATA_EXPOSURE] (INFO): The workflow involves generating RSA private keys. The documentation suggests verifying file contents using 'cat', which would result in sensitive private key material being printed to standard output or chat history. Evidence: Common Pitfall #2 recommends 'cat /path/to/file'.
Audit Metadata