td-task-management

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE | PROMPT_INJECTION | NO_CODE
Full Analysis
  • Indirect Prompt Injection (LOW): The skill provides a mechanism for agents to store and retrieve unstructured text across sessions, creating a surface for malicious instructions to be persisted and later executed by an agent.
      • Ingestion points: Data enters the system via commands such as td log, td handoff, and td create as documented in SKILL.md and references/ai_agent_workflows.md.
      • Boundary markers: No documentation exists in SKILL.md regarding the use of delimiters or protective headers to distinguish between system state and user-generated content during retrieval.
      • Capability inventory: Agents are instructed in SKILL.md to use the output of td usage and td next to determine their current focus and next actions.
      • Sanitization: The instruction files do not describe any sanitization or validation processes for the data stored in the local .todos/ SQLite database.
  • No Code (SAFE): The skill consists entirely of documentation and does not include scripts, binaries, or instructions to install external software at runtime.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 22, 2026, 11:26 PM