show-env-status

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill uses mise env to display environment variables and attempts to redact secrets using a case-insensitive grep filter.
      • Evidence: The command mise env 2>/dev/null | grep -v -i "TOKEN\\|KEY\\|SECRET\\|PASSWORD\\|CREDENTIAL" in SKILL.md.
      • Risk: This denylist approach is insufficient as it may miss sensitive variables using different naming conventions (e.g., AUTH, SSH_DATA, DATABASE_URL containing credentials, or custom application secrets).
  • [COMMAND_EXECUTION]: The skill executes multiple local shell commands to gather information about the repository and tool configurations.
      • Evidence: Usage of mise, grep, ls, and echo via the Bash tool.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection via untrusted repository metadata and file names.
      • Ingestion points: File names via ls and task definitions via mise tasks ls in SKILL.md.
      • Boundary markers: Absent; data is ingested without delimiters or specific instructions to the model to ignore embedded instructions.
      • Capability inventory: Access to the Bash tool enables command execution based on processed data.
      • Sanitization: Absent; outputs are not sanitized or validated before being presented to the model.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 05:28 PM