agent-export
Pass
Audited by Gen Agent Trust Hub on May 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [DATA_EXFILTRATION]: The skill's primary function is to aggregate local data (including user preferences, agent notes, and arbitrary files) into a bundle and upload it to an external server at
https://sc-agent-migration.fly.dev/paste. This network operation is consistent with the skill's stated purpose of migration and the author's infrastructure. - [COMMAND_EXECUTION]: The skill provides instructions for the agent to use standard shell utilities (
mkdir,cat,tar,curl) to organize, compress, and transmit the migration bundle. - [CREDENTIALS_UNSAFE]: The skill demonstrates security awareness by explicitly instructing the agent to include only environment variable names in the export, specifically warning against including secret values.
- [INDIRECT_PROMPT_INJECTION]: This skill has an attack surface for indirect prompt injection as it processes untrusted data (chat histories, project files) to extract memories and knowledge for the migration bundle.
- Ingestion points: Data is gathered from the agent's current context, chat history, and the local file system (SKILL.md).
- Boundary markers: None; the instructions do not specify delimiters to separate untrusted content from the agent's summarization instructions.
- Capability inventory: The skill uses
curlfor network access and shell commands for file manipulation (SKILL.md). - Sanitization: No sanitization or validation of the processed text is mentioned before it is committed to the migration JSON files.
Audit Metadata