sops-add-key

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFE (findings: COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the sops CLI and a helper script via python3 to manage encryption keys and process encrypted files.
  • [COMMAND_EXECUTION]: A fallback routine for older SOPS versions decrypts sensitive content into temporary plaintext files (<file>.tmp.yaml). This creates a transient risk of data exposure if the process is interrupted before the cleanup command (rm) runs, or if the environment is shared.
  • [PROMPT_INJECTION]: The skill processes external, untrusted data, which presents a surface for indirect prompt injection.
    • Ingestion points: User-provided public keys via AskUserQuestion, and data read from project files such as .sops.yaml and various encrypted YAML files.
    • Boundary markers: No explicit markers are used to isolate ingested data from agent instructions.
    • Capability inventory: The skill can execute the python3, sops, and rm commands, as specified in SKILL.md.
    • Sanitization: The skill performs basic validation by ensuring the provided public key starts with the required age1 prefix.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 26, 2026, 10:55 AM