uptime-monitor
Fail
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: HIGHCREDENTIALS_UNSAFEDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill explicitly reads and parses sensitive credential data from a local file path at
~/.gooseworks/credentials.json. It uses a Python one-liner to extract anapi_keyand assign it to an environment variable (GOOSEWORKS_API_KEY). - [DATA_EXFILTRATION]: Extracted credentials are sent to an external service (
api.gooseworks.aior a variableGOOSEWORKS_API_BASE) viacurlcommands. While this appears to be the intended function of the skill, the pattern of reading local secrets and transmitting them to a remote endpoint is a primary data exfiltration vector. - [COMMAND_EXECUTION]: The skill uses
python3 -cwithin shell commands to execute dynamic Python code for the purpose of reading local files and manipulating environment variables. It also suggests the execution ofnpx gooseworks login, which involves third-party package execution via Node.js.
Recommendations
- AI detected serious security threats
Audit Metadata