cred-omega
Warn
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell tools such as ripgrep, find, and git to perform deep scans of the repository and operating system for auditing purposes.
- [DATA_EXFILTRATION]: The skill searches for and reads highly sensitive file paths, including SSH keys (~/.ssh/id_rsa), cloud provider JSON credentials, and environment files (.env). This is necessary for its core function but exposes high-value credentials.
- [DATA_EXFILTRATION]: The skill executes the env command to inspect environment variables. It incorporates a redaction mechanism using sed to mask the values of detected secrets, reducing the risk of accidental disclosure in output logs.
- [PROMPT_INJECTION]: Vulnerability surface identified for indirect injection.
- Ingestion points: The skill scans file contents and git logs throughout the project using ripgrep and git grep.
- Boundary markers: No delimiters or specific instructions to ignore embedded content are used for the data being read.
- Capability inventory: The skill has broad filesystem access and shell execution capabilities through tools like claude-code and antigravity.
- Sanitization: While redaction is applied to environment variables, there is no validation or filtering for text content ingested from scanned files.
Audit Metadata