altimate-setup
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a
chmodcommand to set restrictive file permissions on the configuration file. This is a security-enhancing action intended to protect sensitive credentials. - [DATA_EXFILTRATION]: The skill interacts with sensitive platform credentials (API keys) by reading from and writing to a local configuration file. The process includes instructions for masking credentials during display and using secure file permissions.
- [PROMPT_INJECTION]: The skill reads from
~/.altimate/altimate.json, which represents an attack surface for indirect prompt injection. Ingestion point:~/.altimate/altimate.json. Capabilities: Tool execution (datamate_manager) and file operations. The skill does not define specific boundary markers or sanitization for this local configuration data.
Audit Metadata