papertrail
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFECREDENTIALS_UNSAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: Accesses the SWO_API_TOKEN environment variable and the configuration file at ~/.config/paperctl/config.toml for authentication. The command paperctl config show can reveal these secrets in the session output.\n- [COMMAND_EXECUTION]: Executes the paperctl CLI for system interactions and uses curl to query external APIs.\n- [EXTERNAL_DOWNLOADS]: Fetches worker IDs from Mozilla's public Taskcluster API (firefox-ci-tc.services.mozilla.com). This targets a well-known service and is used for metadata retrieval rather than code execution.\n- [PROMPT_INJECTION]: Potential for indirect prompt injection as the skill processes logs from external systems which could contain malicious instructions.\n
- Ingestion points: Log content retrieved via paperctl pull and paperctl search.\n
- Boundary markers: Not present; the skill lacks instructions to ignore or delimit embedded commands in processed data.\n
- Capability inventory: Shell command execution through paperctl and file system write access for saving log files.\n
- Sanitization: No sanitization or validation of the ingested log data is performed.
Audit Metadata