Skills
skills/boshu2/agentops/account-rotation/Gen Agent Trust Hub

account-rotation

Warn

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: Accesses and modifies sensitive authentication files including ~/.claude/.credentials.json and ~/.claude.json to swap session tokens and user identity blocks between accounts.
  • [CREDENTIALS_UNSAFE]: Programmatically interacts with the macOS Keychain (security service Claude Code-credentials) to manage and rotate authentication tokens.
  • [COMMAND_EXECUTION]: Executes the macOS security utility with the -A flag (security add/delete-generic-password -A), which allows the skill to modify or delete keychain items without triggering a GUI security prompt or requiring manual user approval.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 20, 2026, 08:28 AM
Security Audit — agent-trust-hub — account-rotation