task-breakdown
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external specifications to generate task breakdowns and potentially create new skills. It lacks mechanisms to distinguish between legitimate requirements and malicious instructions embedded within the input data.
  - Ingestion points: Processes user-provided requirements and specifications mentioned in the skill description and instructions.
  - Boundary markers: Absent; there are no delimiters or instructions to treat input specs as untrusted data.
  - Capability inventory: File system writing (docs/ directory), dynamic creation of new skills, execution of shell commands (e.g., pytest templates), and subagent management.
  - Sanitization: Absent; the skill does not filter or sanitize the input before using it to generate documentation, code snippets, or new skill files.
- [COMMAND_EXECUTION]: The skill's task template explicitly includes the generation and execution of shell commands for verification purposes. If the input specifications are malicious, they could influence the agent to generate and execute harmful commands under the guise of verification tests.