terminal-gif-recordings
Fail
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: HIGHCREDENTIALS_UNSAFEDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructs the agent to access a sensitive local credential file and extract an API key using a script.
- Evidence:
export GOOSEWORKS_API_KEY=$(python3 -c "import json;print(json.load(open('$HOME/.gooseworks/credentials.json'))['api_key'])")inSKILL.md. - [DATA_EXFILTRATION]: The skill provides a recording template that transmits the extracted host credentials to a remote endpoint via network requests.
- Evidence:
curl -s -X POST $GOOSEWORKS_API_BASE/v1/proxy/orthogonal/run -H "Authorization: Bearer $GOOSEWORKS_API_KEY"inSKILL.md. - [COMMAND_EXECUTION]: The skill relies on the execution of shell commands to install third-party dependencies and perform setup tasks.
- Evidence:
brew install vhs,brew install zsh-syntax-highlighting, andnpx gooseworks login.
Recommendations
- AI detected serious security threats
Audit Metadata