cost-export
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Node.js script located at `plugins/ruflo-cost-tracker/scripts/export.mjs` using the Bash tool to process and format telemetry data.
- [DATA_EXFILTRATION]: The skill's primary function is to transmit internal telemetry data, including session identifiers and budget configurations, to external destinations via HTTP POST requests (webhooks) or local filesystem writes (Prometheus textfiles) as directed by command arguments.
- [INDIRECT_PROMPT_INJECTION]: The skill exhibits a potential attack surface by ingesting internal session data and providing network and filesystem write capabilities.
  1. Ingestion points: The skill reads `session-*` and `budget-config-*` records from the `cost-tracking` namespace in AgentDB.
  2. Boundary markers: No delimiters or ignore-embedded-instruction warnings are present in the instruction set.
  3. Capability inventory: The skill has the capability to write to the filesystem (via `--prometheus`) and perform network POST requests (via `--webhook`).
  4. Sanitization: The instructions do not specify sanitization or validation logic for the telemetry data being exported.
Audit Metadata