Skills
skills/cklxx/elephant.ai/task-delegation/Gen Agent Trust Hub

task-delegation

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill acts as a conduit for indirect prompt injection via its delegation workflow.\n
  • Ingestion points: The dispatch function in run.py accepts task and context parameters from the user or another agent without validation.\n
  • Boundary markers: The stored JSON task files do not use delimiters or instructions to prevent downstream agents from obeying commands embedded within the task text.\n
  • Capability inventory: The skill performs file writes to ~/.alex/tasks and provides command-line execution hints for downstream tools like alex exec.\n
  • Sanitization: There is no evidence of sanitization, escaping, or filtering of the input task content before it is persisted.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 04:15 AM