credentials
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides a command-line interface via
bun run credentials/credentials.tsfor secret management, utilizing thecommanderpackage to handle subcommands for storage and retrieval operations. - [CREDENTIALS_UNSAFE]: The skill manages sensitive data stored at
~/.aibtc/credentials.json. While the implementation correctly encrypts values and restricts file access, the CLI design requires master passwords and secret values to be passed as command-line flags. This pattern is a known security trade-off as command-line arguments can be visible to other processes on the same system.
Audit Metadata