project-workspace-cleaner
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill incorporates explicit negative constraints in its workflow and prompt templates, forbidding the agent from performing destructive commands or automatic file deletions.
- [DATA_EXFILTRATION]: Technical review of the Python script confirms it does not utilize any network libraries or functions. It only accesses file metadata (size and modification time) for reporting purposes.
- [COMMAND_EXECUTION]: The scanning logic relies on native Python filesystem APIs like os.walk and path.stat, avoiding the use of subprocesses or shell command execution.
- [REMOTE_CODE_EXECUTION]: No remote scripts or dynamic code execution patterns are present. Configuration files are parsed using PyYAML's safe_load method to prevent deserialization vulnerabilities.
- [SAFE]: The skill follows the principle of least privilege, providing read-only insights into repository storage usage without requesting or using sensitive permissions.
Audit Metadata