skills/idanbeck/claude-skills/zep-cli/Gen Agent Trust Hub

zep-cli

Pass

Audited by Gen Agent Trust Hub on Jul 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of the zep CLI tool to perform platform operations like listing experiments, submitting runs, and managing authentication tokens. It assumes the tool is either in the system PATH or executed via poetry run.
  • [CREDENTIALS_UNSAFE]: The skill provides instructions for handling sensitive information, including API tokens (ZEP_TOKEN), API keys (ZEP_API_KEY), and local configuration files (~/.zep/config.json). It correctly advises setting these via environment variables and explicitly warns against echoing raw tokens into logs or chat interfaces.
  • [INDIRECT_PROMPT_INJECTION]: The skill creates an attack surface by ingesting untrusted data from the platform (such as experiment names, run lists, or dataset content) that could contain malicious instructions. However, the risk is mitigated by explicit instructions to always show the target workspace and obtain user confirmation before performing any mutating commands (submit, cancel, or delete).
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 5, 2026, 06:05 PM
Security Audit — agent-trust-hub — zep-cli