Skills
skills/nesnilnehc/ai-cortex/prune-content/Gen Agent Trust Hub

prune-content

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands including git mv, mv, and rm to archive or delete files within the project repository as described in the behavior section of SKILL.md.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and acts upon repository context that may be controlled by an attacker.
  • Ingestion points: The skill accepts user_instruction, file_list, and context as inputs, specifically utilizing findings from other tools like onboard-repo to identify targets (SKILL.md, agent.yaml).
  • Boundary markers: The skill explicitly requires user confirmation of the proposed plan before execution, acting as a manual checkpoint (SKILL.md).
  • Capability inventory: The skill can move and remove files using git mv, mv, and rm across the repository (SKILL.md).
  • Sanitization: There is no automated sanitization of the input context; the skill relies entirely on the user to review and approve the suggested operations.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 04:28 PM