clawpilot-send

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the clawpilot command-line tool, a vendor-specific utility, to handle file transfers.
  • [DATA_EXFILTRATION]: The skill is designed to transmit local files to an external mobile relay. It enforces a 20MB file size limit but lacks restrictions on the file system locations from which files can be sourced.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it resolves file paths based on user input without adequate path sanitization or directory whitelisting.
      • Ingestion points: File paths or filenames provided in user requests (SKILL.md).
      • Boundary markers: No specific delimiters or instructions are used to separate untrusted user input from the command execution context.
      • Capability inventory: Execution of shell commands via clawpilot send with access to the agent's filesystem (SKILL.md).
      • Sanitization: Validation is limited to file size checks (< 20MB); there is no validation of the resolved absolute path to ensure it resides within a safe directory.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 19, 2026, 01:36 PM