Skills
skills/andreadellacorte/groove/groove-utilities-task-update/Gen Agent Trust Hub

groove-utilities-task-update

Warn

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill constructs shell commands for tools like gh and beans by interpolating task identifiers, statuses, and body content (e.g., gh issue edit <number> --body "<body>"). This approach is vulnerable to shell command injection if the task data contains metacharacters such as backticks, semicolons, or dollar-sign parentheses.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its interaction with untrusted data from external task management backends.
  • Ingestion points: Task content is ingested from GitHub, Linear, and local configuration files.
  • Boundary markers: No specific delimiters or instructions are used to isolate external content from the agent's logic.
  • Capability inventory: The skill utilizes powerful tools including Bash (git, beans, gh, linear, npx), Write, and Edit.
  • Sanitization: There is no evidence of sanitization or validation of the input strings before they are processed or executed in shell commands.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 10, 2026, 09:04 AM