show-env-status
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill is designed for environment diagnostics and implements reasonable safety measures.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill accesses environment variables but uses a grep filter to exclude common sensitive keywords (TOKEN, KEY, SECRET, PASSWORD, CREDENTIAL). It does not perform any network operations to exfiltrate data.
- [INDIRECT_PROMPT_INJECTION]: The skill reads local project configuration files (.mise.toml, .releaserc). While this represents a surface for indirect prompt injection, the data is sourced from the user's local repository and used for diagnostic output, which is standard behavior for this type of tool.
- [COMMAND_EXECUTION]: The skill uses the Bash tool to run standard diagnostic commands for the mise environment manager. These commands are static and intended for status reporting.
Audit Metadata