move-files
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard terminal
mvcommands to perform file moves, which is the primary intended functionality to ensure Git tracks file history correctly. - [PROMPT_INJECTION]: The skill processes user-provided file paths to construct shell commands, which presents a surface for indirect prompt injection. 1. Ingestion points: User-specified source and destination file paths. 2. Boundary markers: None. 3. Capability inventory: Terminal command execution (
mv) and file system write operations for content updates. 4. Sanitization: No sanitization or validation of the input paths is described in the skill.
Audit Metadata