Skills
skills/winsorllc/upgraded-carnival/disk-manager/Gen Agent Trust Hub

disk-manager

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local shell script {baseDir}/disk.sh to perform disk analysis, search for files, and manage storage.
  • [COMMAND_EXECUTION]: Includes a --delete flag that allows the agent to perform destructive filesystem operations, such as removing old or temporary files.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data (filenames and directory paths) from the host system that could potentially contain malicious instructions.
  • Ingestion points: Filesystem metadata is read from the local system through commands like du, find, and df.
  • Boundary markers: No delimiters or specific instructions to ignore embedded content within filenames are provided.
  • Capability inventory: The skill can execute shell commands and delete files via the disk.sh script.
  • Sanitization: No input validation or sanitization for filenames or paths is documented for the underlying script.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 05:10 AM