PopeBot Operations
Warn
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: MEDIUM
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [CREDENTIALS_UNSAFE]: The documentation instructs users to pass sensitive tokens (e.g., `GH_TOKEN`, `OLLAMA_API_KEY`) directly as command-line arguments or shell environment variables (e.g., `docker exec -e GH_TOKEN=<token>`). This practice can expose secrets through shell history files (`.bash_history`), process monitoring tools (`ps`, `top`), and system logs.
- [COMMAND_EXECUTION]: The skill provides numerous commands that interact with the host system's shell, Docker daemon, and local file system at `d:\dev_aiwinsor\popebot_agent\`. These include potentially destructive operations such as `git rm -f` and the creation/modification of files via PowerShell scripts.
- [DATA_EXFILTRATION]: The skill documentation highlights that the deployment repository (`winsorllc/upgraded-carnival`) is public. This configuration, combined with the instructions to manage sensitive tokens and deploy autonomous agents, significantly increases the risk of accidental secret exposure or data leakage to the public domain.
Audit Metadata