disk-hygiene
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill features Self-Evolution instructions in
SKILL.mdthat guide the agent to modify its own instructions based on execution results. This creates a surface for indirect prompt injection because the agent processes untrusted file names and metadata from user directories. Ingestion points: File lists from~/Downloads,~/Documents, and~/Desktopgenerated inSKILL.md. Boundary markers: None present. Capability inventory:Bashfor system commands andWritefor modifying the skill's own code inSKILL.md. Sanitization: None performed on external file metadata. - [COMMAND_EXECUTION]: The skill performs shell-based operations using the
Bashtool to audit disk usage and execute cleanup routines for package managers. It also suggests writing scripts to/tmp/as a workaround for shell hook issues, which involves dynamic script creation and execution. - [EXTERNAL_DOWNLOADS]: The skill recommends the installation and use of external disk analysis utilities including
dust,dua-cli, andgduthrough the Homebrew package manager.
Audit Metadata