vp-env-secrets
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from local configuration files which could contain malicious instructions.\n
- Ingestion points: Environment files (.env, .env.*) in the working directory or user home directory as processed by scripts/envctl.\n
- Boundary markers: The skill instructions mandate that the agent only lists key names and uses a specific secure workflow for staging secrets to avoid chat exposure.\n
- Capability inventory: The scripts/envctl script can execute arbitrary shell commands through its 'run' command.\n
- Sanitization: The helper script implements a check to prevent the loading of environment files that contain command substitution syntax unless the user provides an explicit override.\n- [COMMAND_EXECUTION]: The helper script scripts/envctl executes various system commands (e.g., stat, grep, sed, git) and wraps the execution of the external dotenvx utility.\n- [EXTERNAL_DOWNLOADS]: The skill mentions the dotenvx utility and suggests installation via official package registries such as npm or system package managers like Homebrew.
Audit Metadata