skills/minio/skills/mc/Gen Agent Trust Hub

mc

Pass

Audited by Gen Agent Trust Hub on Jul 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill describes the use of mc find --exec, which executes local shell commands. It explicitly warns that this can be dangerous if object names are maliciously crafted and provides guidance to never build these commands using untrusted inputs.
  • [DATA_EXFILTRATION]: Documentation for the mc support suite of commands is provided. These tools are designed to transmit cluster diagnostics to MinIO for support purposes. The skill includes a mandatory step for the agent to get user consent before any data transmission occurs.
  • [CREDENTIALS_UNSAFE]: The skill instructs the agent on how to manage S3 credentials using environment variables and configuration files. It highlights best practices for secret management, specifically advising against hardcoding keys and keeping them out of shell logs.
  • [PROMPT_INJECTION]: The instructions establish safety guardrails by directing the agent to refuse and escalate destructive operations (e.g., recursive deletion, site wiping) to a human. These are agent behavior constraints aimed at preventing unintentional data loss.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 14, 2026, 05:47 PM