giggle-files-management

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill is designed to upload local files to the Giggle asset service at giggle.pro. The script scripts/upload.sh reads local file content and transmits it via curl to external endpoints. This behavior is expected for the skill's stated purpose but represents a significant capability for data exfiltration.
  • [COMMAND_EXECUTION]: The skill executes a bash script (scripts/upload.sh) that utilizes system binaries curl and jq to perform network operations and process API responses.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its automated file-sharing instructions. A malicious actor could potentially trick the agent into 'sharing' sensitive files, triggering the upload mechanism.
      • Ingestion points: File paths provided to upload.sh within the agent's execution context (SKILL.md).
      • Boundary markers: Absent. The skill lacks instructions to prevent the agent from uploading sensitive system directories or hidden configuration files.
      • Capability inventory: Execution of shell scripts, network exfiltration via curl, and file system read access.
      • Sanitization: The upload.sh script checks for file existence but does not implement path validation or restrictions to block access to sensitive locations like .ssh/ or environment files.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 02:16 AM