file-manager
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to perform file system tasks such as directory creation, file moving, and content searching. It includes guidelines to avoid modifying core system directories like /System or /usr.\n- [PROMPT_INJECTION]: There is a risk of indirect prompt injection because the skill reads data from local files that could contain malicious instructions.\n
- Ingestion points: The skill uses
ls,find, andgrepto read file names and contents into the agent context.\n - Boundary markers: No specific markers or delimiters are used to identify file data as untrusted or to instruct the agent to ignore embedded commands.\n
- Capability inventory: The skill possesses the capability to move, rename, and search files across the user's directory structure.\n
- Sanitization: The skill mandates double-quoting paths to mitigate risks associated with special characters in filenames.
Audit Metadata