task-execution-engine
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Categories flagged: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to follow instructions within external markdown files.
  * Ingestion points: Design documents read via scripts/task_manager.py.
  * Boundary markers: No delimiters or 'ignore' instructions are used for task content.
  * Capability inventory: The agent has permissions to create and modify source files.
  * Sanitization: No content filtering is applied to the design documents.
- Command Execution (SAFE): The skill executes a local Python script, scripts/task_manager.py, to manage task state.
- Operational Risk: The 'Unattended Mode' rules explicitly command the AI to proceed without human intervention or clarification, which significantly increases the risk that malicious tasks embedded in a design document will be executed.
Audit Metadata