file-sharing

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill suggests using standard system utilities such as ls -la and pwd for diagnostic purposes. These commands are used to verify the local state of shared task directories and are restricted to relative paths defined within the task scope.
  • [SAFE]: The skill includes explicit prohibitions against accessing sensitive absolute paths (e.g., /root/hiclaw-fs/, hiclaw-storage/) and mandates the use of specific relative paths for project and task context. This promotes data isolation and adheres to the principle of least privilege.
  • [SAFE]: Template variables such as {task-id} and {project-id} are used to construct paths for the filesync tool. While these represent ingestion points for metadata, the skill provides specific usage patterns that rely on the underlying platform's orchestration layer to validate and sanitize these identifiers.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 02:31 AM
Security Audit — agent-trust-hub — file-sharing