Skills
skills/lifangda/claude-plugins/secrets-management/Gen Agent Trust Hub

secrets-management

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFENO_CODE
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill references external resources from organizations not on the Trusted Sources list: trufflesecurity/trufflehog:latest (Docker image) and aws-actions/configure-aws-credentials@v4 (GitHub Action).
  • EXTERNAL_DOWNLOADS (INFO): The skill references trusted sources for infrastructure management, such as actions/checkout@v4 and hashicorp/vault-action@v2.
  • CREDENTIALS_UNSAFE (LOW): Placeholder credentials like VAULT_TOKEN='root' and password='secret' are used in instructional snippets specifically for development environment demonstrations.
  • NO_CODE (INFO): This skill contains no executable agent code (e.g., Python or Javascript scripts), functioning purely as a template and reference library.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 12:34 PM