task-decomposer
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides instructions for organizing technical tasks based on existing documentation. It does not contain any malicious patterns such as prompt injection, obfuscation, or unauthorized data access.
- [SAFE]: The skill reads from a template file and writes output to a local directory. This is standard behavior for a planning tool and does not target sensitive system locations or credentials.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes external specifications. Ingestion points: Architecture and spec artifacts. Boundary markers: None. Capability inventory: Writes markdown files to docs/plans/. Sanitization: None. The risk is negligible as the skill lacks code execution or network capabilities.
Audit Metadata