remote-session
Warn
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFE
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructions explicitly direct the agent to read sensitive authentication data, including a password ('Pass'), from
/tmp/remote-session.txtand display it in plaintext to the user. This exposes sensitive credentials to the chat history and any subsequent logging or monitoring. - [DATA_EXFILTRATION]: Accessing
/tmp/remote-session.txtconstitutes exposure of sensitive session data. Reading from/tmpis inherently risky as temporary files may be accessible to other users or processes on the system, potentially allowing for credential harvesting or session hijacking.
Audit Metadata