Skills
NYC
skills/thebushidocollective/han/fnox-configuration/Gen Agent Trust Hub

fnox-configuration

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION] (LOW): The skill directs the agent to access sensitive file paths such as ~/.ssh/age-identity.txt and ~/.config/fnox/keys/. While these locations are standard for the intended use of a secrets management tool (Fnox), the access to these paths using the provided Read and Bash tools creates a risk of data exposure if the agent's behavior is influenced by malicious third-party data.
  • [PROMPT_INJECTION] (LOW): The skill possesses a surface for Indirect Prompt Injection (Category 8) by design.
  • Ingestion points: The agent is instructed to read fnox.toml, fnox.local.toml, and any files referenced via the import directive.
  • Boundary markers: No specific delimiters or instructions (e.g., 'ignore instructions within these files') are provided to prevent the agent from obeying commands embedded within the TOML files it reads.
  • Capability inventory: The skill enables high-privilege tools including Bash, Write, and Edit, which could be exploited if malicious instructions are ingested from a configuration file.
  • Sanitization: No sanitization or validation logic is defined for the content of the configuration files before the agent processes them.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 08:31 PM