Skills
skills/kaelzhang321/teambition-agent-toolkit/tb-update-task-tags/Gen Agent Trust Hub

tb-update-task-tags

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses Bash(node *) to execute bin/tb-api.mjs with parameters interpolated from external data.
  • Ingestion points: Data enters the context via .teambition.md and the output of the search-tags command.
  • Capability inventory: The skill is authorized to use Bash, Read, and Edit tools.
  • Sanitization: There is no evidence of input validation or escaping for the and variables before they are placed into the shell command string.
  • Risk: Maliciously crafted data in the Teambition project or the local metadata file could lead to command injection, although the allowed-tools configuration mitigates this by restricting execution to Node.js binaries.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 12, 2026, 03:32 AM