disk-hygiene

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill features Self-Evolution instructions in SKILL.md that guide the agent to modify its own instructions based on execution results. This creates a surface for indirect prompt injection because the agent processes untrusted file names and metadata from user directories. Ingestion points: File lists from ~/Downloads, ~/Documents, and ~/Desktop generated in SKILL.md. Boundary markers: None present. Capability inventory: Bash for system commands and Write for modifying the skill's own code in SKILL.md. Sanitization: None performed on external file metadata.
  • [COMMAND_EXECUTION]: The skill performs shell-based operations using the Bash tool to audit disk usage and execute cleanup routines for package managers. It also suggests writing scripts to /tmp/ as a workaround for shell hook issues, which involves dynamic script creation and execution.
  • [EXTERNAL_DOWNLOADS]: The skill recommends the installation and use of external disk analysis utilities including dust, dua-cli, and gdu through the Homebrew package manager.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 02:02 PM
Security Audit — agent-trust-hub — disk-hygiene