Skills
skills/richfrem/agent-plugins-skills/rlm-cleanup-agent/Gen Agent Trust Hub

rlm-cleanup-agent

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute local Python scripts including cleanup_cache.py and inventory.py to manage the RLM ledger. This is consistent with its stated purpose.
  • [INDIRECT_PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes external ledger data and possesses command-execution capabilities.
  • Ingestion points: The agent reads RLM Summary Ledger files (*_cache.json) during cleanup and inventory tasks.
  • Boundary markers: No delimiters or isolation instructions are provided to distinguish processed data from agent commands.
  • Capability inventory: The agent has access to Bash, Read, and Write tools for script execution and ledger modification.
  • Sanitization: No explicit validation or sanitization of the ledger contents is mentioned in the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 3, 2026, 06:09 PM