trello
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it retrieves and displays content from Trello, such as card descriptions and comments, which could be controlled by third parties or attackers.
- Ingestion points: Data retrieved from the Trello REST API (api.trello.com) via curl.
- Boundary markers: None; the skill does not use delimiters or warnings to separate Trello content from agent instructions.
- Capability inventory: The skill uses curl for network operations and jq for data processing.
- Sanitization: No sanitization or validation is applied to the content fetched from the Trello API.
- [COMMAND_EXECUTION]: The skill executes shell commands using curl and jq to perform its core functions. These commands are used to interact with a well-known service and manage user data as intended.
Audit Metadata