signadot-validate

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill uses eval $(signadot sandbox get-env <sandbox-name>) to dynamically set environment variables. This pattern executes the output of the Signadot CLI directly in the shell, which could be exploited if the CLI output were compromised.
  • [COMMAND_EXECUTION]: The skill is designed to discover and execute repository-owned build and start commands (e.g., make, npm run, yarn). This grants the agent the capability to run arbitrary code defined within the project repository.
  • [COMMAND_EXECUTION]: The skill mentions the use of sudo signadot local connect for local network stack modification. While it explicitly instructs the agent to ask the user to run this command manually, it establishes a workflow involving privilege escalation.
  • [DATA_EXFILTRATION]: The skill's primary workflow involves reading Kubernetes Secrets and ConfigMaps to reconstruct environment variables. Although this is a high-risk data access pattern, the skill includes strong mitigation instructions, specifically mandating the redaction of secret values in logs and summaries.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 11:57 PM
Security Audit — agent-trust-hub — signadot-validate