Skills
skills/winsorllc/upgraded-carnival/clipboard-manager/Gen Agent Trust Hub

clipboard-manager

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The script executes system-level commands to interact with the host clipboard.
  • Evidence: Uses child_process.execSync and child_process.spawn to call platform-specific utilities including clip, powershell, pbcopy, pbpaste, xclip, or xsel based on operating system detection.
  • [DATA_EXFILTRATION]: The skill provides the ability to read the system clipboard, which is a source of potentially sensitive data (e.g., passwords or tokens).
  • Evidence: The paste and watch commands in clipboard.js retrieve and log the current clipboard contents to the console. This behavior is documented and aligns with the skill's primary purpose.
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by ingesting untrusted data from the system clipboard.
  • Ingestion points: clipboard.js via the pasteFromClipboard function which reads directly from system utilities.
  • Boundary markers: None; content is retrieved and returned as a raw string without delimiters.
  • Capability inventory: The skill has the ability to execute shell commands and read system state.
  • Sanitization: None; clipboard content is processed and displayed without filtering or escaping.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 05:10 AM