task
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No malicious override or bypass patterns were detected. The skill uses standard instructional language to define its task-capturing behavior.
- [Data Exposure & Exfiltration] (SAFE): The skill only interacts with a local
tasks.mdfile. No network requests (curl, wget, fetch) or access to sensitive directories (like ~/.ssh or .env) were found. - [Remote Code Execution] (SAFE): There are no patterns involving the download or execution of remote scripts or the installation of third-party packages.
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted user input in the form of task descriptions and appends them directly to a file. This represents a potential injection surface if another tool subsequently reads and executes instructions from
tasks.mdwithout sanitization. - Ingestion points: User-provided
[task description]extracted during the Parse Input step inSKILL.md. - Boundary markers: None; the task text is appended as a markdown list item.
- Capability inventory: File-write (append) to
tasks.md. - Sanitization: No escaping or validation is performed on the task description before it is written to the file.
Audit Metadata