Skills
skills/paulrberg/agent-skills/process-cleanup/Gen Agent Trust Hub

process-cleanup

Warn

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script executes the procs CLI tool to gather process data and utilizes os.popen within a Python subprocess to re-verify process states.
  • [EXTERNAL_DOWNLOADS]: The skill documentation and script error messages reference the procs utility from the dalance/procs repository.
  • [COMMAND_EXECUTION]: The helper script uses python3 -c to execute a block of logic where internal shell variables are interpolated directly into the Python source code string.
  • [PROMPT_INJECTION]: The skill processes data from the system's process list. The lack of sanitization when displaying process commands represents an indirect prompt injection surface.
  • Ingestion points: JSON output from the procs command in scripts/kill-zombies.sh.
  • Boundary markers: Absent.
  • Capability inventory: Process signaling via os.kill and command execution via os.popen in scripts/kill-zombies.sh.
  • Sanitization: None.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 19, 2026, 03:15 PM