things-morning-organizer
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted data from task titles and notes, which could be used to influence the agent's behavior during categorization and tagging.\n
- Ingestion points: Task data retrieved via
things_get_today,things_get_inbox,things_get_anytime,things_get_upcoming, andthings_get_someday.\n - Boundary markers: Absent; there are no instructions to ignore or isolate embedded commands within the task content.\n
- Capability inventory: The skill has the ability to modify tasks via
things_update_todoand create new tasks viathings_add_todo.\n - Sanitization: Absent; while the skill rephrases tasks for clarity, it does not explicitly filter for or escape potentially malicious instructions embedded in the task data.
Audit Metadata