Skills
skills/zjy365/sealos-skills/sealos-s3/Gen Agent Trust Hub

sealos-s3

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various commands using sealos-cli and a local Node.js script.
  • Evidence: SKILL.md instructs the agent to run node <SKILL_DIR>/scripts/analyze-project-s3.mjs and various sealos-cli s3 commands for bucket and credential management.
  • [EXTERNAL_DOWNLOADS]: The skill may download and execute the sealos-cli tool at runtime.
  • Evidence: SKILL.md suggests using npx -y sealos-cli@latest ... for one-off commands if the binary is not found locally. This fetches the package from the NPM registry.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it analyzes untrusted project files.
  • Ingestion points: scripts/analyze-project-s3.mjs scans and reads content from arbitrary project files (e.g., .env, source code, configuration files).
  • Boundary markers: Absent. The instructions do not specify delimiters or warnings to ignore instructions embedded within the analyzed project files.
  • Capability inventory: The skill can execute shell commands via sealos-cli and modify local .env files.
  • Sanitization: None. The analyzer script extracts raw text patterns from files to determine storage requirements.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 03:35 AM
Security Audit — agent-trust-hub — sealos-s3