skills/janjaszczak/cursor/keepass/Gen Agent Trust Hub

keepass

Warn

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions direct the agent to execute a variety of shell and PowerShell commands to check for database paths, read configurations, and manage secrets. It also references numerous local scripts (e.g., get-keepass-secret.sh, test-keepass-read.sh, sync-keepass-to-wsl-home.sh) expected to be present on the host system.
  • [CREDENTIALS_UNSAFE]: The core functionality centers on programmatically accessing a KeePassXC database and the native OS keyring (SecretStore or secret-tool). This gives the agent access to the master password and all secrets stored in the database, posing a high risk if the agent's context is compromised or if secrets are inadvertently included in logs or responses.
  • [EXTERNAL_DOWNLOADS]: The agent is instructed to automatically install system-level packages and modules if they are missing. Specifically, it uses apt install for libsecret-tools, gnome-keyring, dbus-x11, and keepassxc, and Install-Module for PowerShell secret management tools. While targeting official repositories, automated package installation via the agent increases the attack surface.
  • [COMMAND_EXECUTION]: The skill requires administrative privileges (sudo) to install the aforementioned Linux dependencies. Although the instructions specify that the agent should ask the user before using sudo, it facilitates elevated privilege operations.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 15, 2026, 10:56 PM
Security Audit — agent-trust-hub — keepass