resolving-identity

Warn

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill instructions direct the agent to access the $USER environment variable. This action exposes local system metadata (the current username) to the model's operational context.
  • [COMMAND_EXECUTION]: The skill utilizes dynamic path resolution to load instructions from a computed path using the active_provider variable. Constructing instructional paths from variables is a risky pattern that could be exploited to load unauthorized content if the variable input is not strictly validated.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 18, 2026, 09:04 AM
Security Audit — agent-trust-hub — resolving-identity