disk-cleaner
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of Bash commands including
du,find,df, anddockerto inspect the filesystem. It is designed to perform interactive file deletions (rm) based on user feedback after providing a report. - [DATA_EXPOSURE]: The skill scans potentially sensitive locations such as
~/Library/Application Support/and all hidden directories in the user's home folder (e.g.,.ssh,.aws,.env). While it only reports on file sizes and paths, this exposes filesystem metadata to the model. - [PROMPT_INJECTION]: User-provided arguments are directly interpolated into the prompt via
$ARGUMENTS. This is a potential vector for direct prompt injection where a user could provide crafted input to alter the agent's intended behavior or bypass the 'Safety Rules' defined in the skill.
Audit Metadata