openclaw-secret-scanning-maintainer
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script scripts/secret-scanning.mjs uses the GitHub CLI (gh) to perform administrative actions such as deleting comments and redacting bodies. These operations are performed using secure execution methods (spawnSync) to prevent shell injection.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks because it processes untrusted user content from GitHub. A mandatory evidence chain is identified:
  (1) Ingestion points: content is downloaded via the fetch-content command in scripts/secret-scanning.mjs into temporary files;
  (2) Boundary markers: no explicit delimiters are used in SKILL.md when the agent reads the downloaded content;
  (3) Capability inventory: scripts/secret-scanning.mjs allows administrative actions such as comment deletion and alert resolution;
  (4) Sanitization: no specific filtering is applied to the ingested content before processing.
Audit Metadata