Skills
skills/cipherstash/stack/stash-encryption/Gen Agent Trust Hub

stash-encryption

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation guides the installation of the @cipherstash/stack package from the official NPM registry, which is the standard method for integrating the vendor's SDK.
  • [CREDENTIALS_UNSAFE]: The instructions reference sensitive configuration parameters such as CS_CLIENT_KEY and CS_CLIENT_ACCESS_KEY. It correctly advises users to manage these secrets via .env files or environment variables rather than hardcoding them, following security best practices.
  • [DATA_EXFILTRATION]: The skill describes configuration for a CipherStash Token Service (CTS) endpoint at viturhosted.net. This domain belongs to the vendor's infrastructure (Vitur) and is used for identity-aware encryption operations.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 09:10 PM