Skills
skills/caoliao/deepscan-skills/deepscan-delete-record/Gen Agent Trust Hub

deepscan-delete-record

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses local sensitive files associated with the vendor's infrastructure to manage authentication and configuration.
  • Reads the authentication token from ~/.deepscan/token to authorize API requests to the vendor's domain (data.cli.im).
  • Accesses and modifies ~/.deepscan/config.json and ~/.deepscan/records_cache.json to store session-specific metadata and record history.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing untrusted data from a remote API (Category 8).
  • Ingestion points: Remote scan results and remarks are fetched via scripts/delete_record.py and interpolated into the agent's context for display.
  • Boundary markers: The skill does not use delimiters or instructions to ignore potential commands embedded within the retrieved scan data.
  • Capability inventory: The script has the capability to delete remote records through authenticated POST requests to the DeepScan API.
  • Sanitization: No sanitization or filtering of the remote record content is performed before it is presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 05:47 PM