cleanup-artifacts
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill performs artifact management using standard shell utilities like find, grep, and mv. It includes defensive coding practices such as path canonicalization to prevent directory traversal and uses the double-dash delimiter in shell commands to prevent argument injection from arbitrary filenames.
- [REMOTE_CODE_EXECUTION]: The skill executes a project-local Bun script for manifest synchronization. This is a legitimate utility provided within the project scope by the author for state management.
- [DYNAMIC_CONTEXT_INJECTION]: Benign shell commands are used within the orchestrator file to gather metadata (such as file counts) at skill load time. These operations are restricted to non-privileged, read-only information gathering and do not incorporate user-supplied inputs.
Audit Metadata