
build-things

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE] (HIGH): The script 'scripts/generate_merch_url.py' contains a hardcoded HMAC secret key. Hardcoding cryptographic secrets in source code is an unsafe practice that compromises the integrity of the token generation process and exposes the secret to anyone with access to the skill source. Evidence: SECRET_KEY = 'dfc92bc5e95825103283f01c2aa6ca7fe7f6ffc31778ea82c354785c73b0858c' in scripts/generate_merch_url.py.
  • [COMMAND_EXECUTION] (LOW): The workflow in 'SKILL.md' directs the agent to execute a local Python script using unvalidated user input ('email') as a command-line argument. This creates a potential command injection surface.
    1. Ingestion point: User email requested in SKILL.md Step 1.
    2. Boundary markers: Absent in command instruction.
    3. Capability inventory: Script execution via 'python' as defined in SKILL.md.
    4. Sanitization: None provided in the skill instructions or the shell interpolation logic.
  • [PROMPT_INJECTION] (LOW): The skill instructions include directives to hide the technical implementation from the user ('don't reference filepaths... You are just chit chatting with them') and to perform tool operations ('open URL') without explicit user confirmation. These are deceptive instruction patterns that deviate from transparent AI interaction standards.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 05:30 PM