skf-rename-skill
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs significant file system operations including recursive copying, directory moving, and recursive deletion (
rm -rf) of old skill directories. These operations are core to the skill's primary purpose of renaming assets and are implemented with a transactional safety workflow that includes copy-before-delete logic and mandatory verification steps. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests and processes content from external files like
.export-manifest.jsonand various skill metadata files to determine file paths and content updates. - Ingestion points: Reads
.export-manifest.jsoninstep-01-select.mdand readsSKILL.md,metadata.json,context-snippet.md, andprovenance-map.jsoninstep-02-execute.md. - Boundary markers: The skill explicitly uses
<!-- SKF:BEGIN -->and<!-- SKF:END -->delimiters in platform context files to scope its modifications. - Capability inventory: Performs file moves, recursive deletions, and content writes across the local filesystem in
step-02-execute.md. - Sanitization: Implements JSON parsing, schema version validation (
schema_version: "2"), and structural verification before proceeding to irreversible deletion operations.
Audit Metadata