viewing-files
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill provides examples of viewing files like /etc/hosts to demonstrate feature support for non-printable characters. This is a standard illustrative example for a file viewing utility and does not constitute a security risk in this context.
- [Indirect Prompt Injection] (LOW): The skill's primary function is to read and display file contents, which are untrusted by nature. This is an inherent attack surface for any file-reading utility. No malicious instruction chains or exploitable capabilities were identified. Evidence: 1. Ingestion: File paths and content processed via bat command. 2. Boundary markers: Absent. 3. Capability inventory: Local file reading and output formatting. 4. Sanitization: None. Severity is dropped to SAFE as this behavior is fundamental to the tool's intended use case.
Audit Metadata