Skills
skills/glincker/claude-code-marketplace/environment-manager/Gen Agent Trust Hub

environment-manager

Warn

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: MEDIUMCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill is designed to access and modify sensitive project configuration files such as .env, .env.development, and .env.production, and to manage credentials within services like AWS Secrets Manager and HashiCorp Vault.
  • [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection due to its processing of untrusted file content.
  • Ingestion points: Processes .env files, Dockerfiles, and Kubernetes configuration files from the project directory.
  • Boundary markers: The instructions do not define delimiters or protective instructions to prevent the agent from executing commands found within these files.
  • Capability inventory: The skill utilizes the Read, Write, and Bash tools, which allow for significant file system and command-line operations.
  • Sanitization: There is no evidence of sanitization or validation routines for the data ingested from external configuration files.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 6, 2026, 11:48 PM
Security Audit — agent-trust-hub — environment-manager