analytics
Warn
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: Accesses sensitive credential files in the user's home directory, specifically at ~/.secrets/api_keys.sh and ~/.secrets/Roshni-3eada2766db6.json.
- [COMMAND_EXECUTION]: Executes shell commands to source external secret files and run Python scripts (scripts/cloudflare_analytics.py, scripts/firestore_analytics.py, scripts/pmf_analysis.py) using the uv tool.
- [DATA_EXFILTRATION]: Redirects script error output to the world-readable /tmp directory (/tmp/cf_analytics.err, /tmp/firestore_analytics.err, /tmp/pmf_analysis.err), which may leak sensitive API error details or data snippets.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it ingests untrusted data from external sources (Cloudflare, Firestore, GA4) and processes it with local scripts without defined sanitization or boundary markers. -- Ingestion points: scripts/cloudflare_analytics.py, scripts/firestore_analytics.py, scripts/pmf_analysis.py -- Boundary markers: Absent -- Capability inventory: Shell execution (uv run), sensitive file read (secrets), network API operations -- Sanitization: Not specified in skill instructions.
Audit Metadata