desktop
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The developer guide for local tools in
references/local-tools.mdprovides a template for file operations that is vulnerable to path traversal. TheLocalFileCtrimplementation inapps/desktop/src/main/controllers/LocalFileCtr.tsusespath.joinwith thenewNameparameter without performing any sanitization or validation, which could allow an attacker to manipulate files outside the intended scope. - Ingestion points: The
renameFiletool manifest inreferences/local-tools.mddefines parameters (oldPath,newName) that accept untrusted input. - Boundary markers: No specific boundary markers or instruction-following delimiters are implemented in the provided IPC controller examples.
- Capability inventory: The skill utilizes
fs/promisesfor direct file system modification (fs.rename) within the Electron main process. - Sanitization: While general 'Best Practices' in
SKILL.mdmention validating inputs, the specific code templates provided for the agent to follow inreferences/local-tools.mdlack sanitization logic.
Audit Metadata