ln-724-artifact-cleaner
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill performs targeted file and directory deletions (
rm,rm -rf) to remove identified platform configuration files such as .replit and .cache/. These operations are the primary function of the skill and are protected by a mandatory user confirmation step. - [PROMPT_INJECTION]: The skill scans project files like package.json and source code comments for artifact patterns, representing a surface for indirect prompt injection. The risk is minimized by the use of specific regex patterns and the requirement for manual review of the preview summary.
- Ingestion points: Reads local configuration and source files within the project directory.
- Boundary markers: Not explicitly used; the agent relies on predefined pattern matching.
- Capability inventory: Restricted to file deletion and text modification within the project scope.
- Sanitization: Processes data using literal string and regex patterns for artifact identification.
- [EXTERNAL_DOWNLOADS]: The workflow documentation file diagram.html references the Mermaid.js visualization library from the jsDelivr CDN service.
Audit Metadata