Skills
skills/letta-ai/lettabot/scheduling/Gen Agent Trust Hub

scheduling

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill employs the lettabot-schedule command-line tool for task lifecycle management (create, list, delete, enable, disable). This is a vendor-specific tool provided by letta-ai.\n- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection via the task message parameter.\n
  • Ingestion points: User or agent-provided text is passed to the --message flag in lettabot-schedule create.\n
  • Boundary markers: No specific delimiters or safety instructions are defined to encapsulate these messages when they are retrieved and processed.\n
  • Capability inventory: The skill has the capability to execute the lettabot-schedule command and manage persistent scheduled tasks.\n
  • Sanitization: There is no visible input sanitization or filtering applied to the message content.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 11:50 PM