filesystem
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the use of the Bash tool for various system operations, including file deletion and permission changes. Evidence includes examples for deleting directories with 'rm -r' and mentions of using 'chmod' to resolve permission issues in the Error Handling section of SKILL.md.
- [PROMPT_INJECTION]: The skill creates an attack surface for indirect prompt injection by reading external file content. Ingestion points: The 'Read' and 'Grep' tools ingest file contents into the agent context (SKILL.md). Boundary markers: Absent; there are no instructions provided to the agent to ignore or delimit embedded commands found in files. Capability inventory: Significant; the agent can use 'Write', 'Edit', and 'Bash' tools to modify the environment (SKILL.md). Sanitization: Absent; no validation or escaping of file content is described.
Audit Metadata