takt-task
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local bash scripts for structural validation. It calls its internal `validate-order-md.sh` and a vendor-related script `validate-takt-files.sh` from the `takt-piece` skill.
- [PROMPT_INJECTION]: The skill exhibits vulnerability to indirect prompt injection (Category 8).
  1. Ingestion points: It reads task metadata from `.takt/tasks.yaml` and processes user-provided requirements in `SKILL.md`.
  2. Boundary markers: No delimiters or explicit instructions are provided to the agent to ignore embedded commands in the data.
  3. Capability inventory: The skill has the capability to execute shell commands via `bash` as defined in the validation steps.
  4. Sanitization: There is no evidence of sanitization or escaping of external content before it is interpolated into task files.
Audit Metadata