task-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill processes untrusted input (specs/requirements) to generate task files. Malicious content within these inputs could potentially influence the agent's task generation behavior.
- Indirect Prompt Injection Surface (LOW): 1. Ingestion points: Input specifications and requirements processed in the Phase 1 workflow. 2. Boundary markers: Absent; the prompt does not instruct the model to ignore instructions embedded in the source text. 3. Capability inventory: The skill has the capability to write markdown files to the /tasks/ directory. 4. Sanitization: Absent; the skill does not filter or sanitize the provided specifications before interpolating them into tasks.
Audit Metadata