triage
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a meta-instruction to override the agent's current configuration by explicitly demanding a model change ("First set the /model to Haiku").
- [COMMAND_EXECUTION]: The skill executes destructive file system operations, specifically the automated deletion of files within the
todos/directory when a user selects the "next" option during triage. - [COMMAND_EXECUTION]: The workflow incorporates system-level commands and references custom CLI tools (e.g.,
lsand/resolve_todo_parallel) to manage and interact with local project files.
Audit Metadata