0xkey-keyops-share

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads the qos_client binary from the vendor's GitHub repository (0xkey-io/qos). This download is verified using SHA256 checksums. This is a standard and safe operation for this tool's functionality.
  • [COMMAND_EXECUTION]: The skill uses subprocess to execute the qos_client binary and kubectl. These calls use argument lists rather than shell strings, preventing command injection.
  • [DATA_EXFILTRATION]: While the skill handles sensitive key material, it implements several safeguards: enclave_keyops.py includes a redaction mechanism for audit logs, and the skill instructions explicitly forbid reading or displaying secret contents. Network operations are limited to health checks on localhost and fetching the client from GitHub.
  • [SAFE]: The skill demonstrates high security awareness by implementing safe_extract_tar to prevent path traversal attacks when handling bundles and by enforcing a 'roster-first' rule to prevent alias collisions and unauthorized key use.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 20, 2026, 12:06 PM