triage
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows a standard administrative workflow for file management. It performs file system operations such as reading, updating, and deleting markdown files within the 'todos/' directory. These actions are triggered by explicit user instructions ('yes', 'next', 'custom') and are consistent with the skill's stated purpose of triaging a todo system.
- [PROMPT_INJECTION]: The skill processes external data (findings) from the 'todos/' directory, which represents an indirect prompt injection surface.
- Ingestion points: Reads pending todo files from the
todos/directory inSKILL.md. - Boundary markers: None; the skill does not explicitly use delimiters or instructions to ignore nested commands within the findings.
- Capability inventory: The skill can rename, update, and delete files in the
todos/directory as described inSKILL.md. - Sanitization: No sanitization or content filtering is implemented for the ingested finding descriptions.
Audit Metadata