groove-utilities-task-analyse
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes command-line utilities including `gh`, `linear`, and a tool named `beans`. It also calls a local workspace script at `skills/groove-utilities-task-list/scripts/list-tasks-by-priority.sh`. These commands are used as intended to retrieve task metadata for summarization.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates external task data into the agent's context.
- Ingestion points: Task titles, descriptions, and 'Summary of Changes' sections are fetched from GitHub, Linear, and the Beans backend.
- Boundary markers: The skill does not define specific delimiters or isolation instructions to prevent the agent from obeying instructions embedded in the task content.
- Capability inventory: The skill has permissions for `Bash`, `Write`, `Edit`, and `Read` tools, which increases the potential impact of an injection attack.
- Sanitization: No sanitization or content validation is performed on the task data before processing.