Skills
skills/richfrem/agent-plugins-skills/rlm-cleanup-agent/Gen Agent Trust Hub

rlm-cleanup-agent

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection during its core distillation process.\n
  • Ingestion points: The scripts/distiller.py script reads the raw content of local files (as defined in rlm_profiles.json) to generate semantic summaries via a local LLM (Ollama).\n
  • Boundary markers: The prompt templates in resources/prompts/rlm/rlm_summarize_general.md and rlm_summarize_tool.md use markdown-style headers to delimit source content but lack explicit instructions for the model to ignore or sanitize embedded commands within that content.\n
  • Capability inventory: The skill utilizes Bash, Read, and Write tools to perform filesystem maintenance and execute its internal Python logic.\n
  • Sanitization: The scripts/distiller.py script performs character-count truncation but does not filter for prompt injection markers before passing data to the LLM.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 07:44 AM