zentao-cli
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the zentao CLI to perform project management tasks. It provides instructions to use the --yes flag to bypass interactive confirmation during automated deletion operations, which is balanced by a general safety instruction to confirm write actions with the user.
- [EXTERNAL_DOWNLOADS]: The skill relies on the installation of the zentao-cli package, which is a vendor-owned resource provided for managing ZenTao data.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it reads project data (ingestion points: bugs, stories, tasks) and executes shell commands to modify that data (capability inventory: zentao-cli create/update/delete). No boundary markers or sanitization steps are defined for the ingested data, though the skill requires user confirmation before write operations.
Audit Metadata