dev-task-queue
Warn
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires cloning an external Git repository (
git@github.com:OlechowskiMichal/agent-task-queue.git) to the user's home directory (~/.agent-task-queue).\n- [REMOTE_CODE_EXECUTION]: The skill directs the agent to execute multiple Python scripts (e.g.,add_task.py,claim_task.py) located within the externally cloned repository. This executes code not provided within the skill's local files.\n- [COMMAND_EXECUTION]: All core operations of the skill are performed by executing shell commands viapython3to run scripts that modify the file system and perform Git operations.\n- [PROMPT_INJECTION]: The skill processes untrusted external data including task descriptions and Claude Code conversation transcripts (.jsonlfiles).\n - Ingestion points:
~/.claude/projects/*/*.jsonland CLI arguments for task descriptions.\n - Boundary markers: None identified in the provided instructions.\n
- Capability inventory: File system modification, Git repository operations (push/pull), and script execution.\n
- Sanitization: No explicit sanitization or validation of the processed transcript data is mentioned.
Audit Metadata