everything-search
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes external command-line tools, specifically the 'es' (Everything CLI) utility and PowerShell commands (Get-ChildItem), to perform file system operations.
- [DATA_EXPOSURE]: The skill enables full-disk search capabilities, allowing the agent to locate files across the entire Windows file system, including sensitive user directories like Documents and potentially application data. While the instructions specify 'read-only' behavior, the capability itself provides significant visibility into the host file system.
- [INDIRECT_PROMPT_INJECTION]:
- Ingestion points: The agent ingests file names and paths returned by the search commands (es and Get-ChildItem) into its context.
- Boundary markers: No explicit delimiters or instructions are provided to the agent to treat the results of the search (which may include attacker-controlled filenames) as untrusted data.
- Capability inventory: The skill has the ability to execute CLI commands and PowerShell scripts to query the system.
- Sanitization: There is no evidence of sanitization or filtering of the file metadata returned by the operating system before it is processed by the agent.
Audit Metadata