skills/zackkorman/skills/weird-4/Gen Agent Trust Hub

weird-4

Warn

Audited by Gen Agent Trust Hub on Feb 12, 2026

Risk Level: MEDIUMDATA_EXFILTRATION
Full Analysis

The skill file contains the path ../../../.env-example. This path exhibits directory traversal (../), attempting to access files outside the skill's designated directory. While .env-example is an example configuration file, the pattern of accessing such files with directory traversal is a significant security concern. It indicates a potential attempt at information disclosure or unauthorized file access, as this technique could easily be adapted to target actual sensitive configuration files (e.g., .env) or credential files (e.g., ~/.aws/credentials). This finding is categorized as MEDIUM due to the combination of sensitive file type reference and directory traversal, which poses a risk of data exfiltration.

Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 12, 2026, 06:00 PM
Security Audit — agent-trust-hub — weird-4