1password
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The skill explicitly promotes the use of
curl -sSL ... | bashto install dependencies and the skill itself fromcanifi.com. This is an untrusted source that enables immediate, arbitrary command execution on the user's system. - [EXTERNAL_DOWNLOADS] (HIGH): Downloads are sourced from
canifi.com, which does not belong to the list of Trusted External Sources. This significantly increases the risk of supply chain attacks or malicious payload delivery. - [CREDENTIALS_UNSAFE] (HIGH): The skill is designed to handle extremely sensitive data, including
OP_SERVICE_ACCOUNT_TOKEN,SERVICE_EMAIL, andSERVICE_PASSWORD. Because the installation method is insecure (RCE), these credentials are at high risk of being intercepted or exfiltrated by the installation scripts. - [COMMAND_EXECUTION] (MEDIUM): The setup process relies on a custom, unverified CLI utility
canifi-env. Executing unverified binaries or scripts to manage environment variables can lead to persistent system compromise or privilege escalation.
Recommendations
- HIGH: Downloads and executes remote code from: https://canifi.com/install.sh, https://canifi.com/skills/1password/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata