Skills
NYC
skills/duc01226/easyplatform/kanban/Gen Agent Trust Hub

kanban

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION] (MEDIUM): The skill implements an HTTP server that supports binding to all network interfaces (--host 0.0.0.0).
  • Evidence: SKILL.md instructions promote using --host 0.0.0.0 for remote access.
  • Evidence: The architecture defines a /file/* route for serving local files and an /api/plans route for exposing parsed data.
  • Risk: If an attacker is on the same local network, they can access the dashboard and potentially read sensitive files served by the skill without authentication.
  • [COMMAND_EXECUTION] (LOW): The skill executes a local Node.js server and manages background processes via PIDs.
  • Evidence: server.cjs and process-mgr.cjs are used to manage the server lifecycle.
  • Mitigation: The skill utilizes standard Node.js practices for a local tool, but users should be aware of the background processes.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill requires gray-matter from the standard npm registry.
  • Evidence: package.json lists gray-matter as a dependency.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill parses and renders content from local markdown files (plan.md).
  • Evidence: plan-scanner.cjs and plan-parser.cjs ingest untrusted data from the workspace.
  • Sanitization: Not explicitly detailed in the provided architectural overview, which may allow malicious markdown to influence the dashboard UI (Category 8 surface).
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:16 PM