rclone
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the rclone installation script from the official rclone.org website.
- [REMOTE_CODE_EXECUTION]: Executes the rclone installation script directly using sudo bash as part of the setup process.
- [COMMAND_EXECUTION]: Uses sudo for system package management and executes rclone commands for configuration and file management tasks.
- [DATA_EXFILTRATION]: Manages cloud storage credentials and remote configurations. No evidence of data exfiltration to unauthorized domains is present in the skill code.
- [PROMPT_INJECTION]: Ingests remote file and directory names (ingestion points: rclone ls, rclone lsd) without boundary markers or sanitization, which could potentially expose the agent to indirect prompt injection from malicious external data. The skill has capabilities to write and delete files (capability inventory: rclone copy, rclone sync).
Audit Metadata