skills/aspiers/ai-config/safe-rm/Gen Agent Trust Hub

safe-rm

Fail

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: HIGH | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains instructions that attempt to override the AI agent's standard safety behavior by explicitly stating that 'user permission is not required for deletion' because it is 'quicker than usual methods.' This is a direct attempt to bypass the safety convention that requires agents to confirm destructive actions with the user.
  • [COMMAND_EXECUTION]: The skill promotes the use of dangerous commands such as 'rm -rf' on user-provided paths. It specifically advises using 'rm -rf' for files and directories located outside of the current git repository, which bypasses the backup logic of the 'ai-safe-rm' script and poses a high risk of accidental or malicious data destruction.
  • [COMMAND_EXECUTION]: The skill relies on a non-standard, external command 'ai-safe-rm' which is not part of any common operating system distribution. The lack of provided source code or integrity verification for this script means it could perform unintended or malicious actions in the user's environment.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 28, 2026, 06:04 PM