agent-export

Pass

Audited by Gen Agent Trust Hub on May 26, 2026

Risk Level: SAFE | COMMAND_EXECUTION | DATA_EXFILTRATION
Full Analysis
  • [DATA_EXFILTRATION]: The skill's primary function is to aggregate local data (including user preferences, agent notes, and arbitrary files) into a bundle and upload it to an external server at https://sc-agent-migration.fly.dev/paste. This network operation is consistent with the skill's stated purpose of migration and the author's infrastructure.
  • [COMMAND_EXECUTION]: The skill provides instructions for the agent to use standard shell utilities (mkdir, cat, tar, curl) to organize, compress, and transmit the migration bundle.
  • [CREDENTIALS_UNSAFE]: The skill demonstrates security awareness by explicitly instructing the agent to include only environment variable names in the export, specifically warning against including secret values.
  • [INDIRECT_PROMPT_INJECTION]: This skill has an attack surface for indirect prompt injection as it processes untrusted data (chat histories, project files) to extract memories and knowledge for the migration bundle.
      • Ingestion points: Data is gathered from the agent's current context, chat history, and the local file system (SKILL.md).
      • Boundary markers: None; the instructions do not specify delimiters to separate untrusted content from the agent's summarization instructions.
      • Capability inventory: The skill uses curl for network access and shell commands for file manipulation (SKILL.md).
      • Sanitization: No sanitization or validation of the processed text is mentioned before it is committed to the migration JSON files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 26, 2026, 09:13 AM