Skills
skills/get-convex/agent-skills/mike-convex-thumbnail/Gen Agent Trust Hub

mike-convex-thumbnail

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the agent to execute a local PowerShell script (scripts/check-local-assets.ps1) to verify the availability of asset files. While the script performs benign operations (Test-Path), execution of bundled scripts increases the attack surface.\n- [DATA_EXFILTRATION]: The SKILL.md file contains hardcoded absolute paths to the user's local file system, including C:\Users\mikec\Assets\Images, G:\My Drive\Personal\Photos of Me, and C:\Users\mikec\AppData\Local\Temp. This exposes the user's local username and internal directory structure to the AI model.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 12:09 AM
Security Audit — agent-trust-hub — mike-convex-thumbnail