here-now
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill documentation and script error handling suggest an installation method for dependencies (specifically jq) using a piped-to-shell command from the vendor's official domain (https://here.now/install.sh). As this targets the vendor's own infrastructure, it is documented as a neutral dependency management pattern.
- [DATA_EXFILTRATION]: The publish.sh script manages API credentials stored in the user's home directory (~/.herenow/credentials). It includes an explicit security guard that prevents authentication tokens from being sent to any domain other than the official here.now API base URL, mitigating the risk of credential leakage during misconfiguration.
- [COMMAND_EXECUTION]: The skill utilizes standard system binaries including curl, jq, find, and file to package local files and communicate with the publishing API. All operations are confined to the files and directories explicitly provided by the user as arguments.
- [PROMPT_INJECTION]: The skill outputs publishing metadata (such as claim URLs) for the agent to read. The script implements protocol validation to ensure that any URLs returned by the server use the HTTPS protocol before they are presented as safe links.
Audit Metadata