file-search
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is primarily a documentation resource that provides dozens of examples for executing shell commands using specialized search utilities (
rg,fd,sg,rga,tokei,scc). These commands interact with the file system and read file contents. - [EXTERNAL_DOWNLOADS]: The documentation includes instructions for installing tools via common package managers such as
apt,brew,cargo,go, andnpm. These references point to legitimate, well-known software distributions and official repositories. - [PROMPT_INJECTION]: The skill facilitates the processing of untrusted data from a codebase, which presents an attack surface for indirect prompt injection where malicious instructions hidden in files could influence the agent's behavior.
- Ingestion points: Search results from
rg,fd,sg, andrgawhich parse arbitrary file contents and names (e.g., inSKILL.mdandreferences/search-strategies.md). - Boundary markers: Absent; the skill does not provide specific instructions or delimiters to isolate search results or warn the agent to ignore embedded instructions within processed files.
- Capability inventory: The skill empowers the agent with capabilities to read, search, and structurally rewrite files (via
ast-grepinreferences/ast-grep-patterns.md), which could be exploited if the agent obeys instructions found in search results. - Sanitization: Absent; there is no guidance for filtering, escaping, or validating file content before it is processed by the agent.
Audit Metadata