Skills
skills/steipete/agent-scripts/sonos-debug/Gen Agent Trust Hub

sonos-debug

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFECREDENTIALS_UNSAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: The script scripts/unifi-auth-tmux.sh includes a hardcoded 1Password item ID (2n4prwqn2zbhph3cwfbilgwwte) as a default parameter. While this is a reference rather than a secret itself, it identifies a specific resource within the user's vault.
  • [COMMAND_EXECUTION]: The skill relies on various system commands and third-party CLI tools, including sonos, op (1Password), tmux, jq, and curl. It uses an unconventional workflow involving tmux send-keys to automate credential retrieval and session management.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations via curl to interact with local Sonos devices and a UniFi controller. It specifically uses the -k or --insecure flag, which disables SSL certificate validation, posing a risk if the local network is compromised.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 06:24 AM