tao-analyze-changenet-rca
Warn
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFEDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The
hooks/rca-package.shscript is designed to copy the agent's local settings files (settings.jsonandsettings.local.json) from the project configuration folder into the analysis results directory. These files often contain sensitive information such as API keys and authentication tokens, leading to a risk of credential exposure if the results are shared. - [DATA_EXFILTRATION]: The packaging process in
hooks/rca-package.shautomatically captures the full session transcript (claude_session.jsonl) and places it in the results folder. This exposes the entire conversation history, which may include sensitive data, internal paths, or proprietary information discussed during the analysis session. - [COMMAND_EXECUTION]: The skill's investigation workflow (defined in
references/phases.md) involves the agent dynamically writing and executing Python scripts to process experiment data, audit images, and generate thumbnails. This reliance on runtime code generation from potentially untrusted experiment CSV files and configurations represents a vector for command execution.
Audit Metadata