Skills
skills/agent-sh/agentsys/discover-tasks/Gen Agent Trust Hub

discover-tasks

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes shell commands via gh (GitHub CLI), glab (GitLab CLI), and grep to retrieve task information from repositories and local files.
  • [EXTERNAL_DOWNLOADS]: Communicates with official GitHub and GitLab APIs to fetch issues, projects, and pull request data.
  • [PROMPT_INJECTION]: The skill ingests data from external sources such as issue titles and descriptions. This represents an indirect prompt injection surface where maliciously crafted issue content could potentially influence the agent's context when this data is displayed or used in subsequent workflow steps.
  • Ingestion points: GitHub issue lists, GitLab issue lists, and local Markdown files (PLAN.md, tasks.md, TODO.md) via SKILL.md.
  • Boundary markers: None implemented for issue descriptions or titles in the prompt interpolation.
  • Capability inventory: Access to shell commands (Bash), file reading, and user interaction tools.
  • Sanitization: Applies length truncation to labels for UI presentation, though the full task body is stored in the workflow state.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 01:00 PM