cache-strategy

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses grep and bash commands to perform discovery within the project's filesystem, scanning for Redis, Memcached, and database query patterns.
  • [CREDENTIALS_UNSAFE]: The discovery step specifically instructs the agent to grep for strings like REDIS_URL and MEMCACHE within environment files (e.g., .env, .env*) and configuration files. These variables often contain embedded passwords or tokens which would be exposed to the agent's context during discovery.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection due to its automated scanning and processing of untrusted local data.
    • Ingestion points: The skill reads various file types (.js, .py, .rb, .json, .yml, .env) throughout the repository using grep, Glob, and Read tools.
    • Boundary markers: The instructions do not define boundary markers or delimiters for the data being read.
    • Capability inventory: The agent has access to Bash, Write, and Edit tools, allowing it to execute commands or modify files based on instructions interpreted from the scanned data.
    • Sanitization: No sanitization or validation of the ingested code/configuration content is mentioned.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 05:49 AM