Skills
skills/kapperchino/joe-store-skills/upload-session/Gen Agent Trust Hub

upload-session

Fail

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: HIGHDATA_EXFILTRATIONCREDENTIALS_UNSAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [DATA_EXFILTRATION]: The skill is designed to locate and read sensitive agent session transcripts from ~/.claude/projects/. These files contain the full history of agent interactions, including user code, project context, and internal reasoning, which are then transmitted to an external endpoint (https://joe-store.onrender.com/session).
  • [CREDENTIALS_UNSAFE]: Upon successful authentication, the skill saves the Supabase JWT access token in plain text at ~/.joestore/token.json in the user's home directory, making it accessible to any process on the system.
  • [COMMAND_EXECUTION]: The bundled script spawns the Brave browser with the --remote-debugging-port flag enabled. This allows the script to use the Chrome DevTools Protocol (CDP) via WebSockets to programmatically control the browser and execute arbitrary JavaScript (Runtime.evaluate) within the context of the login page to extract session tokens from localStorage.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations to joe-store.onrender.com and joe-store-frontend.onrender.com to facilitate authentication and data upload. While these are vendor-related domains, they are third-party services receiving sensitive user data.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jun 22, 2026, 05:38 PM
Security Audit — agent-trust-hub — upload-session