add-task
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill executes a local shell script
create-folders.shto initialize directory structures. While the execution is targeted at a local path defined by the${CLAUDE_PLUGIN_ROOT}environment variable, it represents a command execution surface. - PROMPT_INJECTION (LOW): (Category 8
- Indirect Prompt Injection) The skill ingests untrusted user input to generate local task documentation, creating a potential path for persistent instructions.
- Ingestion points: User-provided task descriptions and titles passed as arguments (SKILL.md).
- Boundary markers: Employs Markdown headers (
## Initial User Prompt) to delimit untrusted data from the task metadata. - Capability inventory: Subprocess execution (
bash) and local file-write capabilities via the Write tool (SKILL.md). - Sanitization: No explicit sanitization or escaping of special characters is performed on the user input, as the instructions mandate preserving the exact user intent.
Audit Metadata