zentao-tour
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute
zentao-clicommands (e.g.,zentao product create,zentao task finish,zentao profile) to interact with a ZenTao server. These commands are part of the intended functionality for a project management tool. - [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing the
zentao-clipackage via official package managers such as NPM, Bun, and Pnpm. These are standard procedures for installing the vendor's official command-line interface. - [PROMPT_INJECTION]: The skill instructions do not contain any patterns attempting to bypass safety filters, extract system prompts, or override agent constraints.
- [DATA_EXFILTRATION]: No unauthorized data exfiltration patterns were identified. Sensitive operations, such as logging in, are performed locally by the user through the CLI tool, and no data is sent to non-whitelisted or suspicious domains.
- [SAFE]: The skill's behavior is consistent with its stated purpose of providing an educational tour of a project management system. All referenced resources and packages originate from the official vendor (easysoft).
Audit Metadata