Skills
skills/randypen/sui-eco-skills/sui-keypair-cryptography/Gen Agent Trust Hub

sui-keypair-cryptography

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE] (HIGH): Multiple code snippets demonstrate logging highly sensitive cryptographic material to the console. Evidence in reference/key-features.md includes console.log('Mnemonic:', mnemonic); and console.log('Encoded private key:', encoded);. Evidence in reference/usage-patterns.md includes console.log('Secret key bytes:', secretKey);. While intended for demonstration, an AI agent following these patterns would create applications that leak user credentials to logs, terminal history, or telemetry.\n- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill directs the agent to utilize packages and documentation from non-whitelisted organizations. Evidence in SKILL.md and reference/signature-schemes.md points to the @mysten/sui and @scure/bip39 packages and related GitHub repositories. These sources are not included in the trusted organizations list.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 07:28 AM