zentao
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the
zentaocommand-line tool, which is installed via NPM. The commands described are typical for interacting with a project management API (listing, creating, and updating entities). - [EXTERNAL_DOWNLOADS]: The skill instructions include installing the
@leeguoo/zentao-mcppackage from the NPM registry. This is a standard distribution method for Node.js-based tools and aligns with the author's identity. - [CREDENTIALS_UNSAFE]: The skill demonstrates a login process using
--zentao-accountand--zentao-passwordflags. While the documentation uses***as placeholders, providing credentials via command-line arguments can expose them to process monitors on the local system. This is a common but sub-optimal CLI pattern. - [DATA_EXPOSURE]: The skill processes data from a ZenTao instance (bug descriptions, task names, documents). If an attacker places malicious instructions inside these project entities, it could potentially influence the agent's behavior (Indirect Prompt Injection). However, this is an inherent risk of any tool that processes external text data.
Audit Metadata