r2-upload
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill documentation and prerequisites require the manual installation of the 'pyyaml' Python package via pip.
- [DATA_EXFILTRATION] (LOW): The core functionality of the skill is to upload local files to remote storage endpoints. This capability represents a significant exfiltration surface if an attacker can influence the file path or destination via a separate injection attack.
- [PROMPT_INJECTION] (LOW): The skill possesses an attack surface for indirect prompt injection as it processes file paths and configuration parameters without explicit boundary markers or safety instructions to ignore embedded commands. Evidence: 1. Ingestion: 'scripts/r2-upload.py' takes file paths from arguments. 2. Boundary markers: Absent. 3. Capability: The skill performs network uploads of local data. 4. Sanitization: No sanitization or path validation is visible in the provided CLI wrapper.
- [CREDENTIALS_UNSAFE] (SAFE): Documentation examples use standard industry placeholders (e.g., 'AKIA...EXAMPLE') for S3 credentials rather than actual secrets.
Audit Metadata