ln-724-artifact-cleaner
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands, including `rm -f` and `rm -rf`, to delete configuration files and directories identified as platform artifacts (e.g., `.replit`, `.stackblitzrc`, `.local/`, `.cache/`, `.upm/`). This behavior is the primary intended function of the skill.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it reads and processes external data (file names, project structure, and file contents) to determine its actions.
  - Ingestion points: The agent scans project directory structures and greps through file contents (e.g., `package.json`, `vite.config.ts`, and UI components) during Phase 1.
  - Boundary markers: A mandatory user confirmation step is required in Phase 3 before any execution occurs, providing a human-in-the-loop boundary.
  - Capability inventory: The skill possesses filesystem modification and deletion capabilities, including recursive directory removal.
  - Sanitization: There are no explicit instructions for sanitizing file paths or content before processing them through shell commands or regex patterns.