llm-secrets
Fail
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: HIGHCREDENTIALS_UNSAFE
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill's primary function is to list and retrieve sensitive authentication credentials stored in the LLM_SECRETS environment variable.
- [CREDENTIALS_UNSAFE]: The documentation in SKILL.md explicitly instructs the AI agent on how to output the secret values using shell commands, creating a direct path for these secrets to be exposed in chat logs or exfiltrated.
- [CREDENTIALS_UNSAFE]: The script llm-secrets.js accesses and parses the entire secret store from the environment, making all contained sensitive information available to the agent's runtime context.
Recommendations
- AI detected serious security threats
Audit Metadata