teamwork-integrator
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows a read-only design pattern, explicitly delegating any task creation or modification to a separate specialist agent, which mitigates the risk of unauthorized state changes.
- [SAFE]: Analysis of all files confirmed no external dependencies are installed, and no remote scripts are downloaded or executed.
- [SAFE]: Network activity is restricted to the Teamwork platform and placeholder URLs for well-known, trusted services like Vercel and Pantheon.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted data from Teamwork task descriptions and comments. However, this is inherent to its primary purpose and is classified as low risk because the skill lacks write permissions or dangerous execution capabilities.
  - Ingestion points: Task descriptions and comments fetched via `mcp__teamwork__twprojects-get_task` as documented in `templates/operations-reference.md`.
  - Boundary markers: The skill lacks explicit delimiters for external data, relying on standard markdown formatting.
  - Capability inventory: Operations are limited to read-only MCP tool calls; no file system writes or subprocess executions are permitted.
  - Sanitization: No sanitization of the external content is performed before presentation to the user.
Audit Metadata