tar-compression
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Command Execution] (SAFE): The skill documents the use of standard system utilities for file management. It includes bash scripts for routine tasks like website and database backups.
- [Data Exposure & Exfiltration] (SAFE): While the skill references network operations (SSH) and database utilities (mysqldump, pg_dump), it correctly uses placeholders and standard flags that do not hardcode credentials or expose sensitive data.
- [Remote Code Execution] (SAFE): There are no instances of downloading and executing external scripts or unverified third-party dependencies.
- [Persistence Mechanisms] (SAFE): No attempts to modify startup scripts, crontabs, or system services for persistence were detected.
- [Indirect Prompt Injection] (LOW): As a utility for file processing, the skill technically has an ingestion surface (reading local files). However, it does not involve the unsupervised processing of untrusted external data into high-privilege prompts.
Audit Metadata