NYC

personal-assistant

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE

PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill stores user-provided content that may contain malicious instructions, creating a surface for indirect prompt injection when the agent later reviews these tasks.
  • Ingestion points: Untrusted data enters the agent context via task titles and descriptions in scripts/task_helper.py.
  • Boundary markers: Absent; the implementation lacks delimiters to distinguish user-provided data from system instructions.
  • Capability inventory: The skill has capabilities to read and write local task data and manage schedules as defined in scripts/task_helper.py and referenced in references/assistant_capabilities.md.
  • Sanitization: Absent; the skill does not perform any escaping or validation on stored task metadata.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:44 PM