vibe-kanban
Warn
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill provides tools to programmatically update executable shell scripts within a repository management system (`vk update-setup-script`, `vk update-cleanup-script`, `vk update-dev-server-script`). While intended for automation, this allows an agent to overwrite configuration scripts that may be executed in other environments.
- PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it is explicitly instructed to scan task descriptions for mentions and 'respond as needed'.
  - Ingestion points: Task titles and descriptions retrieved via `vk list-tasks` and `vk get-task` (File: SKILL.md).
  - Boundary markers: Absent. The instructions do not define delimiters or provide warnings to ignore instructions embedded within the task data.
  - Capability inventory: The agent can update or delete tasks and modify repository-level scripts using the `vk` CLI (File: SKILL.md).
  - Sanitization: Absent. No validation or filtering of task content is mentioned before processing.
Audit Metadata