bb-tasks
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external design documents which constitutes an indirect prompt injection surface. Malicious content within these files could potentially influence the task generation process and subsequent agent actions.- Ingestion points: The skill reads multiple local files from the FEATURE_DIR, including plan.md, spec.md, data-model.md, contracts, research.md, quickstart.md, user-stories.md, and buildbetter-context.md.- Boundary markers: No explicit delimiters or instructions are provided to the agent to treat the content of these files as untrusted or to ignore embedded instructions.- Capability inventory: The skill is designed to extract information from these files and write a new tasks.md file to the local filesystem.- Sanitization: No sanitization, validation, or escaping of the input file content is performed before processing or inclusion in the output.
Audit Metadata