generate-tasks
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill instructions define a legitimate workflow for project management and task generation. It does not perform unauthorized file access, network exfiltration, or persistence operations.
- [PROMPT_INJECTION]: The skill processes external data (PRDs, feature descriptions, and links) to generate task lists, which is a potential surface for indirect prompt injection. Ingestion points: The skill reads PRD files (e.g.,
tasks/prd-*.md), feature descriptions, and remote requirement links provided by the user. Boundary markers: There are no explicit delimiters or instructions to ignore instructions embedded within the source requirements. Capability inventory: Reading requirements, writing task lists to the/tasks/directory, and suggesting local command execution. Sanitization: No validation or sanitization is performed on the ingested content. - [COMMAND_EXECUTION]: The skill generates tasks that involve executing standard development commands. Evidence: Tasks include the use of
git checkout,bundle exec rspec,npm test, andyard doc. These commands are standard for the intended Ruby/Rails and JavaScript development environments and do not represent a security risk in this context.
Audit Metadata