pg-status
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
DATA_EXFILTRATION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill references the Solana keypair stored at ~/.proxygate/keypair.json. Access to this sensitive file is required for authentication and performing transactions within the ProxyGate ecosystem.
- [CREDENTIALS_UNSAFE]: The documentation describes CLI commands that take sensitive API keys and OAuth2 tokens as direct arguments, such as proxygate listings rotate-key <id> --key <key>. While functional, this method involves the handling of secrets in the command-line context.
- [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection through its ingestion of remote data.
  - Ingestion points: Data such as usage logs, job descriptions, and listing documentation are retrieved from the remote gateway at gateway.proxygate.ai (SKILL.md, references/commands.md).
  - Boundary markers: Absent. There are no instructions or patterns indicating the use of delimiters to separate retrieved external data from the agent's instructions.
  - Capability inventory: The skill allows for configuration management and status updates but does not include capabilities for arbitrary command execution or writing to sensitive system files (SKILL.md).
  - Sanitization: Not documented. External content from the gateway is processed without verified sanitization or validation mechanisms.