Skills
skills/vm0-ai/vm0-skills/drive9/Gen Agent Trust Hub

drive9

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes shell commands using curl to interact with the drive9.ai REST API for file and directory management (GET, PUT, POST, DELETE).
  • [DATA_EXFILTRATION]: Transmits content from the local environment (e.g., files in /tmp/) to the external api.drive9.ai endpoint. This behavior is expected given the skill's purpose as a network filesystem.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion and retrieval of persistent data, which creates a surface for indirect prompt injection.
  • Ingestion points: Untrusted data enters the context through curl -X PUT operations and directory listing described in SKILL.md.
  • Boundary markers: Absent. The instructions do not define delimiters or provide guidance to ignore instructions within stored files.
  • Capability inventory: The skill uses curl for network requests and can write/delete files via the API, as seen in SKILL.md.
  • Sanitization: No sanitization or validation of the stored file content is mentioned or implemented in the provided instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 04:43 PM