Skills
skills/gendosu/agkan-skills/execute-subtask/Gen Agent Trust Hub

execute-subtask

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface identified. The skill retrieves task content using agkan task get <id> --json and instructs the agent to implement logic based on that task content, creating a pathway for external instructions to influence agent actions.\n
  • Ingestion points: SKILL.md (via agkan task get).\n
  • Boundary markers: Absent; task content is used directly to guide implementation.\n
  • Capability inventory: git (branching and pushing), gh (PR creation), and agkan (task status and body updates) subprocess calls in SKILL.md.\n
  • Sanitization: Absent; the skill does not validate or filter task body content before use.\n- [COMMAND_EXECUTION]: The skill executes multiple shell commands to manage the development lifecycle, including git checkout, git commit, git push, and gh pr create. It also uses the agkan CLI tool for task management and performs file writes to the /tmp directory using here-docs.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 8, 2026, 06:43 AM