Skills
skills/andreadellacorte/groove/groove-utilities-memory-promises/Gen Agent Trust Hub

groove-utilities-memory-promises

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various subcommands using the beans CLI tool (e.g., beans list, beans create, beans update) through a scoped bash environment (Bash(beans:*)). These commands are used to manage milestones, epics, and tasks within the user's workspace.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from .groove/index.md and command outputs from the beans tool.
  • Ingestion points: Configuration is read from .groove/index.md, and task lists are retrieved from the beans CLI output.
  • Boundary markers: The instructions do not define clear delimiters or "ignore instructions" headers for the data processed from files or tool outputs.
  • Capability inventory: The skill has the capability to write/edit files and execute bash commands via the beans tool.
  • Sanitization: There is no evidence of explicit sanitization or validation of the text retrieved from the configuration file or the task backend before it is used in subsequent operations.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 09:03 AM