Project Tracking
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses basic shell commands like
ls,mkdir,mv, andtouchto manage the project workspace as described inreferences/workflows.md. These commands are standard for file organization within thedocs/workspace/directory. - [INDIRECT_PROMPT_INJECTION]: The skill processes markdown files from the workspace directory which serve as context for the agent. While these files are ingestion points for untrusted data, the skill's capabilities are limited to local file management.
- Ingestion points: Markdown files within
docs/workspace/initiatives/,docs/workspace/ideas/, anddocs/workspace/todos/. - Boundary markers: The templates do not include specific delimiters or instructions to ignore embedded commands, though the workflows are purely organizational.
- Capability inventory: The agent performs file read, write, move, and directory listing operations using standard CLI tools.
- Sanitization: No explicit content sanitization is performed on the tracked documents.
Audit Metadata