skills/iii-hq/iii/configuration/Gen Agent Trust Hub

configuration

Warn

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: Environment variable expansion in configuration::get.
  • The skill automatically expands ${VAR:default} placeholders against the live process environment during read operations unless raw: true is specified.
  • This behavior allows for the potential retrieval of sensitive secrets, such as API keys or internal system paths, that are stored in the agent's environment variables.
  • [DATA_EXFILTRATION]: File system persistence and monitoring.
  • The fs adapter persists configuration entries as YAML files under the ./data/configuration directory.
  • The skill monitors this directory for external edits, which could allow for configuration injection if an attacker gains write access to the local file system.
  • [COMMAND_EXECUTION]: Reactive trigger system executes registered functions.
  • The skill supports binding triggers that invoke specified function_id handlers whenever configuration data is registered, updated, or deleted.
  • This architecture enables a data-driven execution flow where changes to configuration values automatically trigger function execution across the platform.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 17, 2026, 10:03 AM
Security Audit — agent-trust-hub — configuration