task-management
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to automatically capture tasks from conversation and 'other work', creating a surface for indirect prompt injection. * Ingestion points: SKILL.md specifies that tasks are captured from 'mentions something he needs to do in passing' and 'when actionable items emerge from other work'. * Boundary markers: Absent; the instructions do not provide delimiters or logic to distinguish between user commands and data content during task extraction. * Capability inventory: The skill has the ability to create, update, and delete tasks via the todoist-cli utility. * Sanitization: Absent; there is no mention of validating or escaping content extracted from external sources before creating tasks.
- [COMMAND_EXECUTION]: The skill uses the todoist-cli utility to manage tasks. This is a primary function of the skill and uses a local secret management tool to handle API tokens.
Audit Metadata