Skills
skills/driangle/taskmd/verify-task/Gen Agent Trust Hub

verify-task

Warn

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to run the command taskmd verify $ARGUMENTS --format json. The variable $ARGUMENTS is derived directly from the user's input.
  • [PROMPT_INJECTION]: There is a risk of command injection because user-provided content is interpolated into a shell command string. A malicious user could provide a task ID containing shell metacharacters (e.g., ;, &&, |) to execute unauthorized commands.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the data it processes.
  • Ingestion points: Codebase files and task descriptions read via Read, Glob, and Grep.
  • Boundary markers: Absent. The agent is instructed to read assertions and evaluate them without clear delimiters or instructions to ignore embedded malicious instructions.
  • Capability inventory: The agent has the ability to execute commands via Bash and access the filesystem using Read, Glob, and Grep.
  • Sanitization: No sanitization or validation of the file content is performed before the agent evaluates the assertions.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 25, 2026, 05:36 PM