storage-development
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (MEDIUM): The skill promotes the installation of @rytass/storages and associated adapter packages. These packages belong to an organization not listed as a trusted source, presenting a potential supply chain risk.
- Indirect Prompt Injection (LOW): The documented StorageInterface and Storage class ingest untrusted data (InputFile) through write operations. 1. Ingestion points: write() and batchWrite() methods in SKILL.md. 2. Boundary markers: Absent from the interface contract. 3. Capability inventory: Includes methods for writing, reading, and removing files from various storage providers. 4. Sanitization: Mentions automatic hash-based filename generation which provides partial sanitization of file identifiers.
Audit Metadata