refresh-index
Warn
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands to perform filesystem indexing. Evidence: Step 2 uses 'find . -type f [exclusion flags] -exec ls -lh {} ;' via the Bash tool. Risk: The command is dynamically assembled using flags derived from a local configuration file, which could allow shell injection if the file is maliciously crafted.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through untrusted data ingestion.
- Ingestion points: 'memory/index_config.json' (Step 1).
- Boundary markers: None identified.
- Capability inventory: Access to Bash, Read, and Write tools.
- Sanitization: No logic is provided to sanitize the configuration content before its use in system commands.
Audit Metadata