secrets-management
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a guide for secrets management and does not contain any executable malicious payloads.
- Documentation uses standard placeholders for demonstration purposes (e.g., 'root', 'secret', 'admin', 'super-secret-password').
- Correctly promotes secure patterns such as using
${{ secrets.VAULT_TOKEN }}and AWS Secret Manager rather than hardcoding credentials. - Incorporates official and well-known industry tools such as HashiCorp Vault, AWS CLI, and TruffleHog for secret scanning.
- No evidence of prompt injection, data exfiltration, or unauthorized command execution was found.
Audit Metadata