groove-utilities-task-list

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The helper script scripts/list-tasks-by-priority.sh builds a jq filter string using unsanitized shell variable interpolation: jq -s 'add | .[0:'"$LIMIT"']'. This pattern is vulnerable to injection if the LIMIT parameter is supplied with malicious input.
  • [PROMPT_INJECTION]: The skill processes untrusted data from GitHub, Linear, and the beans CLI. Maliciously crafted task names or descriptions could influence the agent's behavior during the 'parse and format' phase. Ingestion points: data from gh issue list, beans list, and the Linear CLI. Boundary markers: no delimiters or safety instructions are used to isolate task content. Capability inventory: access to Bash (git, beans, gh, linear, npx), Read, Write, and Edit. Sanitization: no input validation or output escaping is implemented for task data.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 09:04 AM