task-management-protocol
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of a standardized protocol for task synchronization and context handoff between agent sessions. It utilizes built-in task management tools (TaskCreate, TaskList, TaskGet, TaskUpdate) and does not perform any unauthorized network operations, file access, or command execution.
- [DATA_EXPOSURE]: The skill references the environment variable CLAUDE_CODE_TASK_LIST_ID for cross-session coordination. This is a configuration identifier and does not expose sensitive credentials.
- [PROMPT_INJECTION]: The skill processes task data which presents an indirect prompt injection surface. 1. Ingestion points: TaskGet (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Write, TaskUpdate (SKILL.md). 4. Sanitization: Absent. This is a functional requirement of the skill and is mitigated by the use of structured metadata fields.
Audit Metadata