filesystem
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill consists of documentation and boilerplate hooks for managing local files using native agent capabilities and contains no malicious logic.
- [COMMAND_EXECUTION]: The instructions demonstrate using the Bash tool for common directory tasks like listing (ls), creating (mkdir), and moving (mv) files.
- [PROMPT_INJECTION]: The skill establishes an inherent surface for indirect prompt injection by processing file contents from the local filesystem.
- Ingestion points: File reading and content searching via the Read, Grep, and Glob tools (SKILL.md).
- Boundary markers: Not present; instructions do not provide delimiters for untrusted file content.
- Capability inventory: Includes modification tools (Write, Edit) and command execution (Bash).
- Sanitization: Not present for ingested file content.
Audit Metadata