task-delegation
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill performs local task management by writing and reading JSON files in a dedicated local directory (~/.alex/tasks). No suspicious network activity, hardcoded credentials, or obfuscated code was detected.
- [COMMAND_EXECUTION]: The skill provides execution hints for the 'alex' CLI. This is consistent with the intended functionality of delegating tasks to other agents via a bridge.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. (1) Ingestion points: Untrusted data enters via 'task' and 'context' arguments in 'run.py'. (2) Boundary markers: No delimiters or ignore instructions are present. (3) Capability inventory: The skill has bash tool access and performs file write operations in 'run.py'. (4) Sanitization: No escaping or validation of external content is implemented.
Audit Metadata