Skills
skills/mindfold-ai/trellis/trellis-finish-work/Gen Agent Trust Hub

trellis-finish-work

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local Python scripts (./.trellis/scripts/task.py and ./.trellis/scripts/add_session.py) to manage project tasks and journal entries. These are vendor-provided resources internal to the project structure.
  • [PROMPT_INJECTION]: The skill processes session metadata such as task names, titles, and summaries as command-line arguments, creating a surface for indirect prompt injection.
  • Ingestion points: Arguments passed to Python scripts in SKILL.md.
  • Boundary markers: Absent in the command templates.
  • Capability inventory: Local command execution via shell.
  • Sanitization: Absent in templates; relies on the agent's string handling and the underlying scripts' input validation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 08:18 AM