team-delete
Warn
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute the
rmcommand, a destructive operation. While intended for deleting configuration files in the.team-profiles/directory, there is an inherent risk of path traversal if the configuration name is not strictly validated, potentially allowing the deletion of files outside the target directory.\n- [PROMPT_INJECTION]: The skill processes untrusted data from local YAML files to generate summaries for the user, creating an attack surface for indirect prompt injection.\n - Ingestion points: The skill scans and reads YAML files from the
.team-profiles/directory (SKILL.md).\n - Boundary markers: A confirmation prompt (
AskUserQuestion) is presented to the user before the deletion occurs.\n - Capability inventory: The skill is capable of executing file system commands (
rm) via the Bash tool.\n - Sanitization: No explicit sanitization or validation of the file paths or YAML content is documented.
Audit Metadata