Skills
skills/colonelpanic8/dotfiles/org-agenda-api/Gen Agent Trust Hub

org-agenda-api

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill consists solely of a markdown documentation file and does not include any bundled scripts or executable code.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from an external API and allows the agent to perform sensitive operations based on that data.
  • Ingestion points: Agenda entries and TODO items are retrieved via the /agenda and /get-all-todos endpoints in SKILL.md.
  • Boundary markers: No boundary markers or instructions to ignore embedded commands are specified in the documentation.
  • Capability inventory: The skill exposes endpoints to delete entries (POST /delete), update task properties (POST /update), and mark tasks as complete (POST /complete) in SKILL.md.
  • Sanitization: There is no evidence of sanitization or validation of the content retrieved from the API before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 01:28 AM