Trello Automation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection based on its processing of external data.
- Ingestion points: Trello card details, board configurations, and labels as defined in the skill's input metadata.
- Boundary markers: The documentation lacks specific instructions or delimiters to isolate untrusted card content from the agent's core instructions.
- Capability inventory: The skill possesses capabilities for card management, board automation, and workflow modification across several tools (trello_card, trello_list, trello_board, trello_automation).
- Sanitization: There is no mention of input validation or sanitization for the content ingested from Trello cards.
Audit Metadata