cost-export
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a Node.js script located at `plugins/ruflo-cost-tracker/scripts/export.mjs`. This script is responsible for reading the database and formatting the output.
- [DATA_EXFILTRATION]: The skill provides functionality to send session telemetry and budget data to external webhook URLs provided via the `--webhook` argument. While this is the intended purpose of the export tool, it involves transmitting internal agent data to external network endpoints.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests and processes telemetry records from the agent's database.
  - Ingestion points: The script reads `session-*` and `budget-config-*` records from the `cost-tracking` namespace in AgentDB.
  - Boundary markers: No delimiters or explicit instructions to ignore embedded content within the records are present in the skill instructions.
  - Capability inventory: The skill utilizes Bash to execute Node.js scripts and can write to the local filesystem or make network requests.
  - Sanitization: Sanitization is not defined in the skill instructions and is presumably managed within the logic of the external JavaScript exporter.
Audit Metadata