dag-task-scheduler
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): No credentials, sensitive file paths, or network operations were detected. The skill operates on abstract task data.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external packages or remote code execution patterns were found. The code blocks provided are for instructional/algorithmic purposes only.
- [Indirect Prompt Injection] (LOW): The skill processes DAG data (likely from external files or other skills). While this presents a surface for indirect prompt injection, the skill's logic is purely algorithmic (sorting and grouping), and no instructions encourage the agent to execute content found within the data.
- [Persistence & Privilege Escalation] (SAFE): No attempts to gain higher privileges or maintain persistence on the host system were identified.
- [Obfuscation] (SAFE): No encoded or hidden content was found in the skill metadata or body.
Audit Metadata