cloud-upload-backup

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands using curl to communicate with a local API endpoint and python to retrieve the parent process ID for logging and tracking.
  • [DATA_EXFILTRATION]: Facilitates the transfer of local files to Tencent SMH cloud storage. While this involves moving data from the local environment to an external service, it is the primary purpose of the skill and targets a well-known, recognized technology provider.
  • [EXTERNAL_DOWNLOADS]: Performs network operations via curl targeting a local proxy on localhost to handle file metadata and upload commands.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface due to its data ingestion capabilities.
      • Ingestion points: localPath parameter used in upload and batch-upload commands (SKILL.md).
      • Boundary markers: Absent; there are no specific instructions to ignore or delimit content within the files being processed.
      • Capability inventory: curl for network/local proxy access and python for subprocess execution (SKILL.md).
      • Sanitization: Absent; the skill does not explicitly describe sanitization of file paths or content.
  • [PROMPT_INJECTION]: Includes robust operational guardrails (e.g., MUST output message verbatim) designed to prevent the agent from modifying server-provided links or hallucinating file information during the output phase.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 21, 2026, 04:45 PM