Skills
skills/jwa91/agentskills/mac-cleanup/Gen Agent Trust Hub

mac-cleanup

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on system commands to discover disk usage and perform cleanup tasks.\n
  • The scripts/scan.py utility uses subprocess.run to execute commands such as uname, brew, and docker to gather system information.\n
  • The agent is instructed to execute cleanup commands like rm, git branch -d, and osascript (for managing the Trash), all of which are governed by a strict requirement for explicit user approval before execution.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its core functionality of scanning the local filesystem.\n
  • Ingestion points: scripts/scan.py performs directory traversal and reads names of files and directories (e.g., within ~/Developer and ~/Downloads) to identify cleanup targets.\n
  • Capability inventory: The skill has the capability to perform file deletions and execute shell commands based on the paths it identifies.\n
  • Sanitization: The risk is mitigated by explicit instructions requiring the agent to present all findings to the user and obtain confirmation before running any command.\n
  • Boundary markers: The agent's instructions include clear rules to avoid system-critical directories and respect user-defined skip paths.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 10:56 PM