file-uploads

Fail

Audited by Socket on Mar 10, 2026

1 alert found:

Obfuscated File (HIGH)
SKILL.md

The skill description aligns with secure file upload concepts in principle but exhibits critical gaps: absence of concrete validation for file types and sizes, potential path traversal via filenames, and unclear controls around presigned URL generation/distribution. These gaps enable serious attack vectors if implemented as described. The footprint is proportionate to file-upload functionality, but the risk posture is high due to the critical validation and access-control gaps. A robust implementation must enforce strict content validation (magic bytes), filename/path sanitization, strict size limits with streaming, scoped presigned URLs with short lifetimes, and explicit authentication for URL generation. Without these controls, the skill remains suspicious and requires tightening before use in production.

Confidence: 98%
Audit Metadata
Analyzed At: Mar 10, 2026, 06:52 AM
Package URL: pkg:socket/skills-sh/SivaG-lab%2Froth_mcp%2Ffile-uploads%2F@12c94473340eac3466ba744940ba8b102cfd62cc