process-cleanup
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [DATA_EXFILTRATION]: The script `scripts/cleanup-report.sh` performs a system-wide scan of running processes and listening network ports. This data collection includes process IDs, command-line arguments, and memory usage metrics, which are sensitive environment metadata.
- [COMMAND_EXECUTION]: The skill's primary purpose is to facilitate the termination of processes by generating `kill` commands. While execution is intended to be user-initiated, the automated generation of these commands based on calculated 'waste scores' poses a risk of disrupting critical processes if misidentified.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes command-line strings from the system process list, which can be influenced by any running application. A malicious process could use a crafted name to deliver instructions to the agent during the reporting phase.
  - Ingestion points: System process command lines retrieved in `scripts/cleanup-report.sh` via the `ps` command.
  - Boundary markers: The collected data is structured into a JSON format before being presented to the agent.
  - Capability inventory: The agent utilizing this skill has access to the `Bash` tool and is tasked with recommending process termination.
  - Sanitization: The script implements character escaping for JSON validity but does not sanitize the process names for potential natural language instructions.
- [EXTERNAL_DOWNLOADS]: The benchmark metadata configuration references a resource on the author's official GitHub repository (`github.com/b-open-io`). This is documented as a vendor-managed resource used for development and evaluation purposes.
Audit Metadata