secondme
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [CREDENTIALS_UNSAFE] (MEDIUM): The skill explicitly collects sensitive data, including database connection strings and application credentials. These are stored locally in
.env.localand.secondme/state.json. While the skill advises adding these to.gitignore, the agent is actively handling and writing raw secrets to the filesystem. - [COMMAND_EXECUTION] (LOW): The workflow triggers automated command execution for environment setup, specifically
npm installandnpx prisma db push. This involves installing external code into the local environment. - [EXTERNAL_DOWNLOADS] (LOW): The skill guides users to an external domain
develop.second.mefor account registration and credential retrieval. - [PROMPT_INJECTION] (LOW):
- Ingestion points: User requirements and design preferences collected via
AskUserQuestiontools (SKILL.md). - Boundary markers: None identified in the provided workflow to separate user-provided strings from the code generation logic.
- Capability inventory: The skill performs file writes, installs npm packages, and delegates tasks to the
frontend-design:frontend-designsub-skill. - Sanitization: No explicit sanitization or validation of user-provided input is mentioned before it is used to generate the Prisma schema or Next.js code.
Audit Metadata