fnox-providers
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill provides standard CLI command examples for tools like 'age-keygen' and 'fnox'. These are purely instructional and do not perform malicious actions.
- CREDENTIALS_UNSAFE (SAFE): While the skill contains AWS-like credentials in the 'Anti-Patterns' section, they are explicitly labeled as examples of what to avoid and use standard dummy values.
- PROMPT_INJECTION (SAFE): No instructions attempting to override agent behavior or bypass safety filters were found.
- DATA_EXFILTRATION (SAFE): The skill mentions sensitive file paths (e.g., '~/.config/fnox/keys/identity.txt') in the context of configuration best practices, but does not attempt to read or transmit them externally.
- INDIRECT_PROMPT_INJECTION (LOW): The skill is designed to interact with configuration files like 'fnox.toml'. While this presents a surface where untrusted data could be processed, the skill currently only provides documentation on how to interact with them safely.
Audit Metadata