document-inventory
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill functions as a local document indexing tool using standard Python libraries. No evidence of malicious intent or hidden functionality was found.
- [COMMAND_EXECUTION]: All database operations are performed using parameterized queries, which protects the system from SQL injection attacks via untrusted file names or metadata.
- [DATA_EXFILTRATION]: The skill uses recursive directory scanning but restricts indexing to specific document extensions. This mitigation prevents the cataloging of sensitive system files, credentials, or hidden directories that lack the defined extensions.
Audit Metadata