implementing-secrets-management-with-vault

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements industry-standard secrets management practices. No malicious patterns, obfuscation, or unauthorized data exfiltration were detected.
  • [CREDENTIALS_UNSAFE]: Analysis of SKILL.md and scripts/agent.py shows that all credentials provided are well-known placeholders (e.g., 'AKIAEXAMPLE', 'initial-password') or are intended to be supplied via environment variables (VAULT_TOKEN). Instructions explicitly recommend rotating root credentials and using short-lived dynamic secrets.
  • [EXTERNAL_DOWNLOADS]: The skill references standard, well-known libraries (hvac, requests) through official package managers. These are legitimate dependencies for interacting with the HashiCorp Vault API.
  • [DATA_EXFILTRATION]: While scripts/agent.py is capable of reading secrets from a Vault instance, it does so within the context of legitimate management operations. It includes masking logic (v[:3] + "***") for console output to prevent accidental exposure in logs.
  • [INDIRECT_PROMPT_INJECTION]: The skill possesses an ingestion surface where the agent reads data from an external source (HashiCorp Vault). While this presents a theoretical surface for indirect prompt injection if Vault contents were controlled by an attacker, the risk is mitigated by the primary purpose of the skill (secrets management) and the use of structured data formats.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 11, 2026, 09:00 AM