cleanuagent-sanitizer

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the uv run command to execute a local tool (cleanuagent).
  • [EXTERNAL_DOWNLOADS]: The CLI tool employs a --sync-remote flag, which suggests it may download configuration or code updates from a remote server at runtime.
  • [PROMPT_INJECTION]: The skill includes instructions that attempt to constrain the agent's writing style. While functional, these instructions directly influence the core logic of the model's generation process.
  • [INDIRECT_PROMPT_INJECTION]: The skill is specifically designed to ingest and process untrusted data from web pages and external text sources.
      ◦ Ingestion points: The ContentCleaner.clean_url(...) method and the uv run cleanuagent url <URL> command in SKILL.md indicate ingestion of arbitrary web content.
      ◦ Boundary markers: No delimiters or 'ignore' instructions are provided to the agent to prevent malicious content within the cleaned data from being interpreted as instructions.
      ◦ Capability inventory: The skill can execute CLI commands and perform network requests to retrieve URL content.
      ◦ Sanitization: While the tool aims to remove 'marketing jargon', it lacks security-focused sanitization to strip prompt injection attempts hidden in the scraped source material.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 07:17 AM