maven-profile-selector
Warn
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill is designed to read Maven's
settings.xmlfile to list available profiles. This file is a sensitive configuration store that frequently contains plaintext or encrypted credentials for artifact repositories (e.g., Nexus, Artifactory), server passwords, and proxy authentication details. Accessing this file risks leaking these secrets into the agent's context. - [COMMAND_EXECUTION]: The skill dynamically builds shell commands by appending a user-selected profile to the
mvncommand using the-Pflag. There is a lack of input validation or sanitization for the profile string, which creates an attack surface for command injection if a malicious profile name is present in a project's configuration or provided by a user. - [COMMAND_EXECUTION]: Regarding Indirect Prompt Injection vulnerability surface:
- Ingestion points: The skill reads profile names and descriptions from
settings.xml(SKILL.md). - Boundary markers: None are specified to prevent the agent from interpreting instructions embedded within the XML content.
- Capability inventory: The agent has the capability to execute system commands via
mvn(SKILL.md). - Sanitization: There are no instructions provided to sanitize or validate the content extracted from the XML file before it is presented to the user or used in command construction.
Audit Metadata