lev-find
Warn
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple shell commands to perform searches, including
find,grep,jq, andcurl. It also executes a local JavaScript file located at~/lev/workshop/poc/lookup/cli.js. - [DATA_EXFILTRATION]: The skill accesses sensitive local file paths, specifically session history logs at
~/.clawdbot/agents/main/sessions. It also mandates sending user queries and research context to external, non-whitelisted third-party APIs (Exa and Valyu). This combination creates a risk where sensitive information stored in session history or user queries could be sent to external research backends. - [EXTERNAL_DOWNLOADS]: The skill requires integration with external third-party services (Exa, Valyu, Brave Search, etc.) that are not part of the trusted vendors list. It explicitly mandates loading these backends for any research-scoped query.
- [PROMPT_INJECTION]: The skill includes a 'Prompt Architect Overlay' section that uses role-play techniques to define a specific operating persona ('prompt-architect-enhanced specialist') and set of 'contracts' for the agent, which could be used to influence or override standard agent behavior logic.
Audit Metadata