Skills
skills/beshkenadze/kaban/kaban-workflow/Gen Agent Trust Hub

kaban-workflow

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [Unverifiable Dependencies & Remote Code Execution] (MEDIUM): The skill instructs the user or agent to install software from non-standard sources.
  • It suggests npm i -g @kaban-board/cli. The @kaban-board organization is not in the trusted sources list.
  • It suggests brew install beshkenadze/tap/kaban, pointing to a personal GitHub repository tap which is also unverified.
  • [Indirect Prompt Injection] (LOW): The skill creates an attack surface by ingesting untrusted data from task titles and labels during kaban_status or kaban list operations. While it uses this data to suggest next steps (e.g., "Resume [task]?"), the current capabilities are limited to the Kanban workflow and mirroring to TodoWrite, minimizing the risk of high-severity side effects.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 05:27 AM