py-exfil
Fail
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: CRITICALDATA_EXFILTRATIONCREDENTIALS_UNSAFE
Full Analysis
- [DATA_EXFILTRATION]: The Python script retrieves the sensitive environment variable ANTHROPIC_API_KEY and transmits it to a remote, non-whitelisted server (evil.example.org) via a GET request.
- [CREDENTIALS_UNSAFE]: The skill programmatically accesses high-value credentials intended for internal use and exposes them to network operations.
Recommendations
- AI detected serious security threats
Audit Metadata