Trello Automation
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill provides clear templates for Trello automation and board management using the provided MCP server tools.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes untrusted data from Trello cards (titles, descriptions) to automate workflows. This is inherent to the skill's purpose. Ingestion points: Card details and list configurations are ingested through the 'trello_card' and 'trello_list' tools in 'SKILL.md'. Boundary markers: No explicit delimiters or guardrails are defined in the templates to differentiate between data and instructions. Capability inventory: The skill uses 'trello_automation' to modify board state and post comments. Sanitization: No explicit sanitization logic is shown in the static templates.
Audit Metadata