skills/naohainezha/skill/file-manager/Gen Agent Trust Hub

file-manager

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH; COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill enables arbitrary Bash command execution for file operations, including destructive actions like rm -rf in the user's trash and potential for accidental bulk deletion through tools like find and mv.
  • [DATA_EXFILTRATION] (HIGH): The skill explicitly targets sensitive user directories such as ~/Documents and ~/Desktop. Access to these paths constitutes high data exposure risk even in the absence of network commands.
  • [PROMPT_INJECTION] (HIGH): High vulnerability to Indirect Prompt Injection (Category 8). The skill processes untrusted external data (filenames and directory structures) and possesses significant write/delete capabilities.
      1. Ingestion points: Filenames and metadata retrieved via find and ls.
      2. Boundary markers: Absent.
      3. Capability inventory: mv, mkdir, rm, zip, tar, and the Write tool.
      4. Sanitization: Absent.
    A malicious file could be named to manipulate agent logic or escape shell command contexts.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 15, 2026, 06:53 AM