Skills
skills/everyinc/compound-engineering-plugin/ce-todo-create/Gen Agent Trust Hub

ce-todo-create

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use shell commands such as mkdir -p to create directories and mv to rename files during the todo lifecycle (e.g., renaming a file from pending to ready). These are standard operations for managing a file-based tracking system.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it processes data from external files.
  • Ingestion points: The skill reads markdown files from .context/compound-engineering/todos/ and the legacy todos/ directory (SKILL.md).
  • Boundary markers: None identified; the instructions do not specify delimiters or warnings to ignore instructions embedded within the todo files.
  • Capability inventory: The agent is authorized to use shell commands (mkdir, mv) and file system search/read tools as described in the workflows (SKILL.md).
  • Sanitization: No sanitization or validation of the content within the markdown files is specified before the agent processes them for triage or resolution.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 19, 2026, 05:21 AM