add-task
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to run the taskmd CLI utility. It instructs the agent to construct commands using user-provided data from $ARGUMENTS (e.g., taskmd add "[title]"). This pattern creates a surface for command injection if the agent does not properly escape shell-control characters present in the user's input.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests untrusted data and uses it to drive agent actions.
  - Ingestion points: User input provided via $ARGUMENTS is used to define command-line arguments and populate task file content.
  - Boundary markers: Absent. The instructions do not define delimiters or provide warnings to the agent to treat the input as literal data rather than instructions.
  - Capability inventory: The skill has access to Bash (shell execution), Read (file system access), and Edit (file modification).
  - Sanitization: Absent. There are no instructions to validate, filter, or escape the content of $ARGUMENTS before processing.
Audit Metadata