mise-configuration

Fail

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE
COMMAND_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill provides instructions and patterns for reading sensitive credentials, including GitHub tokens and SSH keys, from specific filesystem paths like ~/.claude/.secrets/ and ~/.ssh/. This exposes private authentication data to the agent's context.
  • [COMMAND_EXECUTION]: The skill utilizes the Tera templating engine within mise configuration files. The engine's exec function allows the execution of arbitrary shell commands during environment variable resolution (e.g., {{ exec(command='...') }}), which represents a major execution vector if a user or attacker provides a malicious configuration file.
  • [COMMAND_EXECUTION]: Indirect Prompt Injection Surface Analysis:
      1. Ingestion points: Configuration files such as .mise.toml, .env, and .env.secrets.
      2. Boundary markers: Absent for templated values.
      3. Capability inventory: Shell command execution via Tera exec function and full filesystem access via allowed tools (Read, Bash, Write).
      4. Sanitization: No sanitization or validation is implemented for values passed to the execution functions.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 25, 2026, 11:19 PM