skills/ionfury/homelab/taskfiles/Gen Agent Trust Hub

taskfiles

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill's core function is to define and run shell commands through the Taskfile format. Provided templates include execution of high-privilege tools such as terragrunt for infrastructure provisioning and ipmitool for hardware management.
  • [PROMPT_INJECTION] (HIGH): The skill presents a significant Indirect Prompt Injection surface (Category 8).
      • Ingestion points: The agent reads untrusted content from existing Taskfile.yaml files, the .taskfiles/ directory, and infrastructure/inventory.hcl.
      • Boundary markers: Absent. There are no instructions to the agent to ignore or isolate instructions found within the data files it processes.
      • Capability inventory: The agent has full capability to execute shell commands via the task CLI, write to the filesystem, and manage infrastructure.
      • Sanitization: Absent. The skill promotes the direct interpolation of CLI_ARGS into shell commands (e.g., git worktree add ... -b "{{.NAME}}"), which is a classic command injection vulnerability.
  • [CREDENTIALS_UNSAFE] (LOW): Documentation in references/schema.md explicitly supports loading .env and .env.local files. While standard for the tool, this increases the risk of the agent accidentally exposing or misusing sensitive secrets during maintenance tasks.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 12:30 AM