trello
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes system binaries curl and jq to perform network requests to the Trello API and process JSON responses.
- [DATA_EXFILTRATION]: Network operations are directed to the official Trello API service (api.trello.com). Authentication is securely managed via environment variables (TRELLO_API_KEY and TRELLO_TOKEN) rather than hardcoded secrets.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data from an external source.
- Ingestion points: Untrusted data enters the agent context through API responses when listing boards, lists, and cards as defined in SKILL.md.
- Boundary markers: The templates lack delimiters or instructions to the agent to ignore potentially malicious content within retrieved data.
- Capability inventory: The skill has access to curl for network operations and jq for data processing.
- Sanitization: No validation or sanitization is performed on the content retrieved from the Trello API before it is presented to the agent.
Audit Metadata