Skills
skills/l3digital-net/claude-code-plugins/keepass-credential-ssh/Gen Agent Trust Hub

keepass-credential-ssh

Warn

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses the ~/.ssh directory to search for and load private SSH keys, which are sensitive authentication credentials.
  • [COMMAND_EXECUTION]: The skill utilizes the ssh-add utility to list keys in the agent and load keys from the filesystem.
  • [DATA_EXFILTRATION]: The skill retrieves cryptographic attachments from a KeePass database, involving the handling of private key material.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests data from local files and vault attachments without explicit boundary markers or sanitization. Ingestion points: ~/.ssh files and KeePass attachments (SKILL.md). Boundary markers: Absent. Capability inventory: ssh-add command execution (SKILL.md). Sanitization: Absent.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 18, 2026, 01:38 PM
Security Audit — agent-trust-hub — keepass-credential-ssh