voluum-command-composer

Fail

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, COMMAND_EXECUTION
Full Analysis
  • Persistence Mechanisms (HIGH): The skill explicitly suggests that users add the VOLUUM_TOKEN environment variable to their ~/.zshrc or ~/.bashrc files. This is a persistence mechanism for credentials that is considered high risk. Evidence found in the Auth section of SKILL.md.
  • Credentials Unsafe (HIGH): The documentation provides examples of voluum auth login commands using email, password, and access keys. These patterns encourage users to enter sensitive information into the terminal, which can then be captured in shell history.
  • Indirect Prompt Injection (LOW): This skill has an attack surface where maliciously crafted user intent could influence the generated commands. Evidence chain:
      1. Ingestion points: User input for command composition.
      2. Boundary markers: No delimiters or ignore instructions found.
      3. Capability inventory: Generates shell commands for API interaction.
      4. Sanitization: No sanitization logic described.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 20, 2026, 02:53 AM