moai-alfred-todowrite-pattern

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implementation patterns interpolate untrusted data directly into agent prompts. For example, in reference.md, a user request is embedded into a prompt for a 'Plan' agent: prompt=f"Create structured plan for: {user_request}".
      • Ingestion points: The user_request variable and task-related fields like content.
      • Boundary markers: No boundary markers or specific delimiters are used to isolate the untrusted input from the rest of the prompt.
      • Capability inventory: The skill possesses Bash and TodoWrite capabilities, enabling potential file-system modifications or command execution.
      • Sanitization: No evidence of sanitization, filtering, or escaping of input data is present in the provided patterns.
  • [COMMAND_EXECUTION]: The skill's metadata in SKILL.md explicitly enables the Bash tool. Furthermore, the markdown body includes an example of using Bash to modify local files (e.g., appending content to the skill's own file using cat >>), which could be abused if an injection occurs.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 1, 2026, 01:06 AM