llm-secrets
Fail
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: HIGH (CREDENTIALS_UNSAFE, DATA_EXFILTRATION)
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill's primary purpose is to identify and access sensitive credentials. The documentation explicitly mentions secrets such as `BROWSER_PASSWORD` and `SOME_API_KEY`.
- [DATA_EXFILTRATION]: Although the provided script `llm-secrets.js` only lists key names, the `SKILL.md` file provides direct instructions for the agent to retrieve the underlying secret values using `echo $KEY_NAME`. This pattern facilitates the exposure of sensitive system environment variables to the LLM context, which can then be exfiltrated via subsequent tool calls or network requests.
Recommendations
- AI detected serious security threats
Audit Metadata