zentao
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill interacts with the ZenTao system by executing
zentao-clicommands. These commands are used for authenticating users, querying project data, and performing write operations like task creation and status updates. - [EXTERNAL_DOWNLOADS]: The skill specifies the installation of
@chenish/zentao-mcp-agentvia NPM. This package is managed by the skill's author and provides the necessary MCP (Model Context Protocol) implementation for the ZenTao integration. - [CREDENTIALS_SAFE]: The skill manages authentication through a standard login workflow. Instructions guide the agent to perform silent re-authentication using locally stored credentials if a session expires, which is a routine mechanism for CLI-based tools.
- [DATA_PROCESSING]: The skill includes hardcoded absolute file paths (e.g.,
/Users/samuel/Desktop/...) for its reference documentation. While this is a configuration oversight that may impact portability, it does not pose a security threat to the user environment.
Audit Metadata