teamharness-file-sharing
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a structured approach for managing files in shared environments, such as project and task workspaces. It incorporates security best practices by explicitly instructing the agent to use abstracted paths and avoid exposing underlying storage credentials or provider-specific details.\n- [PROMPT_INJECTION]: The skill describes operations that involve reading content from shared directories which could potentially be modified by other agents or users (Indirect Prompt Injection surface).\n
- Ingestion points: Files located at shared/projects/{project-id}/ and shared/tasks/{task-id}/ (e.g., meta.json, plan.md, spec.md).\n
- Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands within these shared files.\n
- Capability inventory: The skill utilizes the filesync tool for file system operations (list, pull, push).\n
- Sanitization: No explicit sanitization or validation logic for the content of the shared files is documented.
Audit Metadata