Skills
skills/iliaal/compound-engineering-plugin/file-todos/Gen Agent Trust Hub

file-todos

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses standard bash utilities (ls, grep, awk, cp, mv) to manage local markdown files in a todos/ directory. These commands are used for organization, status tracking, and dependency management.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks because it reads and processes markdown files that may contain instructions sourced from untrusted external data, such as PR comments.
  • Ingestion points: Markdown files within the todos/ directory.
  • Boundary markers: There are no defined delimiters or instructions to ignore embedded commands within the todo files.
  • Capability inventory: Access to shell commands for file system listing, searching, copying, and moving (ls, grep, cp, mv).
  • Sanitization: No sanitization or validation of the content within the markdown todo files is performed before the agent processes them.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 05:37 PM