Skills
skills/openclaw/skills/redis/Gen Agent Trust Hub

redis

Fail

Audited by Gen Agent Trust Hub on Feb 14, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill processes untrusted data from an external source (Redis) without boundary markers or sanitization.
  • Ingestion points: Data retrieved from Redis via redis-cli GET and redis-cli KEYS (SKILL.md).
  • Boundary markers: None present to differentiate database content from agent instructions.
  • Capability inventory: Execution of redis-cli commands for reading, writing, and flushing data (SKILL.md).
  • Sanitization: No evidence of input filtering or output escaping.
  • [Command Execution] (HIGH): The skill utilizes the redis-cli binary and requires curl and jq to be available on the host system (SKILL.md), posing a risk of arbitrary command execution if the agent is manipulated.
  • [Data Exposure] (MEDIUM): Interaction with database keys can expose sensitive credentials, session tokens, or private data stored in the memory cache (SKILL.md).
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 14, 2026, 02:11 PM