skills/driangle/taskmd/update-task/Gen Agent Trust Hub

update-task

Fail

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to build a shell command (taskmd set <ID> --flags) directly from the $ARGUMENTS variable. There is no requirement for input validation or shell-escaping, making the system vulnerable to command injection via shell metacharacters like ;, &, or |.
  • [PROMPT_INJECTION]: The skill accepts direct user input from $ARGUMENTS to determine task IDs and field values without explicit instructions to ignore potentially malicious instructions or to use safe parsing methods, allowing the user to influence agent behavior.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface with the following attributes: (1) Ingestion points: Untrusted data enters via $ARGUMENTS in SKILL.md; (2) Boundary markers: None are present to delimit user input from instructions; (3) Capability inventory: The skill has access to Bash, Read, and Edit tools in SKILL.md; (4) Sanitization: There are no instructions to sanitize or validate external content before interpolation into the Bash tool.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 7, 2026, 07:36 PM