markdown-task-manager
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): The skill contains standard operational instructions for task management and does not include override commands or jailbreak attempts.
- Data Exposure & Exfiltration (SAFE): The skill only interacts with specified local files (kanban.md and archive.md). No credentials or network operations are present.
- Unverifiable Dependencies & Remote Code Execution (SAFE): There are no package requirements or remote script downloads. While it mentions Git commands in documentation, it does not define automated execution paths for them.
- Indirect Prompt Injection (LOW): The skill reads from user-editable Markdown files, creating a surface for indirect instructions. However, its functions are restricted to formatting and moving text within those files, limiting potential impact.
- Dynamic Execution (SAFE): No runtime code generation or unsafe deserialization patterns were found.
Audit Metadata