Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill possesses an indirect injection surface (Category 8) because it processes untrusted data from external sources (Jira/JSON files).
  - Ingestion points: `~/.claude/daily-tasks/$(date +%Y-%m-%d).json` (specifically task summaries and Jira keys).
  - Boundary markers: Absent. The skill interpolates JSON values directly into the output summary.
  - Capability inventory: Execution of `cat` and `date` via bash; file writing via a 'Write tool'.
  - Sanitization: Absent. There is no evidence of escaping or filtering of the strings read from the JSON file before they are displayed to the user or processed.
- Data Exposure & Exfiltration (SAFE): The skill accesses `~/.claude/daily-tasks/`. While this involves reading from the user's home directory, the access is limited to a specific application folder necessary for the skill's stated purpose.
- Command Execution (SAFE): Uses standard system utilities (`cat`, `date`) to perform routine file and time operations. No arbitrary command execution or pipe-to-bash patterns found.
Audit Metadata