llm-subtask
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides bash scripts (
bin/llm-subtask-init,bin/llm-subtask-todo, andbin/llm-subtask-idea) for project-local task file management. These scripts use standard system tools such ascp,find, andsedto create and maintain task checklists and planning documents. - [PROMPT_INJECTION]: The skill defines a 'Marker Command' pattern where specific strings like
todo push:are recognized as triggers for task updates. These commands are a core part of the skill's workflow management functionality and do not attempt to bypass safety protocols. - [SAFE]: The skill operates entirely within the project's local directory structure and does not perform network operations, access sensitive credentials, or execute external code from untrusted sources.
Audit Metadata