deployment-validation-config-validate
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
DATA_EXFILTRATION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill includes functionality to recursively search for and read sensitive configuration files, including environment files (`.env`), `.json`, and `.yaml` files. It specifically scans these files for high-value targets like API keys, passwords, and AWS credentials. While this aligns with the skill's stated goal of validation, it represents a data exposure risk if the agent's output is redirected.
- [CREDENTIALS_UNSAFE]: The `SecureConfigManager` implementation uses a static, hardcoded salt string ('config-salt') for the PBKDF2 key derivation function. This is a cryptographic best-practice violation as salts should be unique and random to prevent precomputation attacks.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality:
  - Ingestion points: Files processed by `ConfigurationAnalyzer` and `RuntimeConfigValidator` (e.g., `**/*.env`, `**/*.yaml`).
  - Boundary markers: None identified; the skill directly parses file content into memory.
  - Capability inventory: The skill has broad local file-read access and the ability to parse various data formats, but lacks network or arbitrary command execution capabilities in the provided snippets.
  - Sanitization: None; the skill relies on JSON Schema validation which ensures structure but does not sanitize content against embedded natural language instructions.
Audit Metadata