keepass
Warn
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions direct the agent to execute a variety of shell and PowerShell commands to check for database paths, read configurations, and manage secrets. It also references numerous local scripts (e.g.,
get-keepass-secret.sh,test-keepass-read.sh,sync-keepass-to-wsl-home.sh) expected to be present on the host system. - [CREDENTIALS_UNSAFE]: The core functionality centers on programmatically accessing a KeePassXC database and the native OS keyring (SecretStore or secret-tool). This gives the agent access to the master password and all secrets stored in the database, posing a high risk if the agent's context is compromised or if secrets are inadvertently included in logs or responses.
- [EXTERNAL_DOWNLOADS]: The agent is instructed to automatically install system-level packages and modules if they are missing. Specifically, it uses
apt installforlibsecret-tools,gnome-keyring,dbus-x11, andkeepassxc, andInstall-Modulefor PowerShell secret management tools. While targeting official repositories, automated package installation via the agent increases the attack surface. - [COMMAND_EXECUTION]: The skill requires administrative privileges (
sudo) to install the aforementioned Linux dependencies. Although the instructions specify that the agent should ask the user before usingsudo, it facilitates elevated privilege operations.
Audit Metadata