account-delete
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill executes shell commands to delete files. While destructive, this is the primary purpose of the skill. No privilege escalation is requested. Evidence: 'rm .claude/ads-agent/config/briefs/{account}.md'.
- PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection (Category 8) because it reads data from a local file and uses it to construct shell commands without explicit sanitization. 1. Ingestion point: '.claude/ads-agent/config/ad_accounts.md'. 2. Boundary markers: Absent. 3. Capability inventory: File deletion via 'rm'. 4. Sanitization: Absent.
Audit Metadata