google-tasks
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill is designed to run specific local Python scripts (e.g., tasks_operations.py) to perform task management. This is the primary intended function of the skill.
- EXTERNAL_DOWNLOADS (LOW): The setup instructions include installing standard packages (google-auth, google-api-python-client) from official sources. These are considered trusted dependencies.
- PROMPT_INJECTION (LOW): The skill ingests untrusted data from task titles and notes via the Google Tasks API. This constitutes a surface for indirect prompt injection.
  - Ingestion points: File tasks_operations.py through list/get operations.
  - Boundary markers: None identified.
  - Capability inventory: Local script execution and API write operations.
  - Sanitization: No sanitization or escaping of task content is mentioned.
- CREDENTIALS_UNSAFE (SAFE): While the skill manages OAuth secrets, it follows standard practices by recommending storage in a .env file and uses safe placeholders in the documentation.
Audit Metadata