env-manager
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEDATA_EXFILTRATION
Full Analysis
- [DATA_EXFILTRATION]: The skill is designed to access and analyze sensitive configuration files, specifically
.envand its variants (e.g.,.env.production). These files are the standard location for storing application secrets, API keys, and database credentials. - [DATA_EXFILTRATION]: The workflow involves scanning source code for hardcoded sensitive information like tokens and passwords. While intended for remediation (moving them to environment variables), this process involves reading highly sensitive data into the agent's context.
- [DATA_EXFILTRATION]: The skill instructs the agent to synchronize environment variables across different environments (monorepos, CI/CD, Docker), which involves the movement of sensitive configuration data.
Audit Metadata