trekker
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows security best practices and does not include any suspicious remote code execution, external downloads, or data exfiltration patterns. All operations are performed locally via the 'trekker' CLI.
- [COMMAND_EXECUTION]: The skill executes 'trekker' CLI commands (e.g.,
trekker task list,trekker comment add) to manage project state. This behavior is transparently documented and aligned with the skill's primary purpose. - [PROMPT_INJECTION]: While the agent reads content from task descriptions and comments which could theoretically host indirect injection attempts, this is a standard risk for task management tools and is handled by the model's internal safety guidelines.
Audit Metadata