env-to-fnox

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Findings: DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [DATA_EXFILTRATION] (MEDIUM): The skill uses cat .env to read the contents of a sensitive file. This exposes all secrets to the agent's context and any associated logging systems. While necessary for the stated migration task, it constitutes a data exposure risk.
  • [COMMAND_EXECUTION] (MEDIUM): The skill generates commands like op item create that pass secret values as plaintext command-line arguments. This is a security anti-pattern as secrets can be leaked through shell history files (e.g., .bash_history), system monitoring tools, or process listings (ps).
  • [EXTERNAL_DOWNLOADS] (LOW): The skill installs the fnox tool via mise. While fnox is the central component of this skill, downloading and executing external binaries introduces a dependency on the integrity of the tool's distribution channel.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes external data from .env files.
      • Ingestion points: Reading the .env file via the cat command.
      • Boundary markers: Absent; the agent reads raw file content without delimiters.
      • Capability inventory: Subprocess execution (mise, op, git, rm).
      • Sanitization: Absent; the skill does not validate or sanitize the content of the .env file before processing.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:26 PM