redis-inspect
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- DATA_EXFILTRATION (MEDIUM): The skill is designed to retrieve and display sensitive information from Redis, including user sessions, system permissions, and feature flags. This represents a significant data exposure risk as it provides a direct interface for the agent to read protected system state.
- COMMAND_EXECUTION (MEDIUM): The skill executes a local Node.js script (query.mjs) to perform Redis operations. The inclusion of the --writable flag and the del command allows the agent to perform destructive actions, which could lead to service disruption or unauthorized state modification.
- INDIRECT_PROMPT_INJECTION (LOW): The skill creates a vulnerability surface where data retrieved from Redis could contain malicious instructions. 1. Ingestion points: Untrusted data enters the agent context via Redis commands like get, hgetall, and smembers in SKILL.md. 2. Boundary markers: There are no documented delimiters or instructions to ignore embedded commands in the data retrieved. 3. Capability inventory: The skill allows command execution via node and data deletion via Redis del. 4. Sanitization: No sanitization or validation of Redis values is mentioned in the skill documentation.
Audit Metadata