credential-scanner
Warn
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: MEDIUM (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- [DATA_EXFILTRATION]: The skill is configured to read highly sensitive file paths including ~/.aws/credentials, ~/.ssh/id_rsa, and various environment files to detect exposed secrets. This behavior is the stated purpose of the tool but represents significant data exposure.
- [DATA_EXFILTRATION]: To mitigate risks, the skill mandates truncating discovered secrets in the output using block characters (e.g., ████████).
- [PROMPT_INJECTION]: The metadata field lastAudited contains a future date ("2026-02-01"), which is deceptive regarding the skill's actual safety review status.
- [PROMPT_INJECTION]: The skill reads untrusted data from the local workspace, creating an indirect prompt injection surface where malicious instructions in scanned files could influence the agent.
  1. Ingestion points: Files in the workspace and home directory (e.g., .env, .ssh/config) as defined in SKILL.md.
  2. Boundary markers: Absent; no delimiters are specified for separating file content from agent instructions.
  3. Capability inventory: Limited to fileRead permission; no network or shell access is defined in SKILL.md.
  4. Sanitization: Output truncation is required for discovered secrets, but no sanitization for general file content is specified.
Audit Metadata