vault-cleanup-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the bash tool to run scripts for file system traversal and content analysis (using find, grep, stat, and wc) based on a path provided by the user.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface. Ingestion points: Filenames and content from the vault are read using find and grep in SKILL.md and SKILL-OC.md. Boundary markers: No specific delimiters are used to wrap or isolate the ingested file data from the agent's instructions. Capability inventory: The skill utilizes the bash tool to search the filesystem and write audit reports. Sanitization: The skill does not explicitly sanitize data retrieved from the vault (like filenames or grep results) before it is processed by the agent to generate the report summary.
Audit Metadata