manage-secrets-env
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from local configuration files (
.env,.env.example) and remote secret stores via platform CLIs. - Ingestion points: Reads
.env,.env.example, and outputs fromgh secret,aws ssm,gcloud secrets, etc. - Boundary markers: The skill uses placeholders like
__REPLACE_ME__and specific parsing logic inscripts/check-env-drift.sh, though it does not implement explicit "ignore instructions" delimiters for all ingested data. - Capability inventory: The skill has broad capabilities including file system write access and execution of various cloud provider CLI tools.
- Sanitization: The skill advises using secure input methods (e.g.,
read -sr) to handle values, minimizing the risk of accidental execution or leakage during processing. - [COMMAND_EXECUTION]: The skill leverages platform-specific CLI tools (AWS, GCP, GitHub, Vercel, Netlify, Fly.io, Railway) to manage environment variables and secrets. This execution is fundamental to the skill's primary purpose and is accompanied by detailed instructions on how to perform these operations without leaking sensitive values into shell history or logs.
Audit Metadata