tahr-audit-secrets-config
Pass
Audited by Gen Agent Trust Hub on Jul 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a legitimate security tool with explicit safety guardrails.
- [DATA_EXFILTRATION]: While the skill accesses sensitive configuration files and secrets, it contains strict instructions to never print or persist raw secrets, requiring redaction and fingerprinting instead. It also explicitly forbids validating credentials against external providers without user consent.
- [PROMPT_INJECTION]: The skill processes untrusted user data (source code and configs) which presents a surface for indirect prompt injection. Ingestion points: source code, lockfiles, and CI/CD manifests in SKILL.md. Boundary markers: Absent. Capability inventory: File read and text search. Sanitization: Redaction and fingerprinting of discovered values. The audit workflow emphasizes reachability and evidence-based confirmation, reducing the risk of the agent following malicious instructions embedded in the audited data.
Audit Metadata