skills/withqwerty/nutmeg/credentials/Gen Agent Trust Hub

credentials

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill is designed to improve security posture by educating the user on safe credential management. It explicitly advises against committing secrets to version control and recommends industry-standard practices like using environment variables and gitignored configuration files.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it ingests data from a local file (.nutmeg.user.md) to influence agent behavior.
      1. Ingestion points: .nutmeg.user.md (read via Read tool).
      2. Boundary markers: None detected; the agent is instructed to read the file and personalize its plan based on the content.
      3. Capability inventory: Read, Write, Bash, AskUserQuestion tools are available.
      4. Sanitization: No explicit sanitization or validation of the profile file content is performed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 03:43 PM