google-tasks
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a locally installed command-line tool (
gtasks) to manage user tasks. Operations include viewing, adding, updating, and deleting tasks through shell commands. - [REMOTE_CODE_EXECUTION]: The skill mentions installation using the
uvtool from a local directory path (~/Developer/Tools/GoogleTasks/). There are no references to downloading or executing code from remote or untrusted internet sources. - [DATA_EXFILTRATION]: No unauthorized network activity or data exfiltration patterns were detected. The tool interacts with Google Tasks via a local binary as part of its primary intended function.
- [PROMPT_INJECTION]: The instructions do not contain any bypass attempts or overrides of the agent's safety guidelines. It explicitly includes a safety instruction to 'Always confirm with the user before deleting tasks'.
Audit Metadata