Skills
skills/openant-ai/openant-skills/cancel-task/Gen Agent Trust Hub

cancel-task

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches and executes the @openant-ai/cli package from the NPM registry via npx to perform platform operations.
  • [COMMAND_EXECUTION]: Utilizes system shell commands to invoke the vendor CLI for task status verification, cancellation, and settlement checks.
  • [PROMPT_INJECTION]: The skill ingests untrusted task data (such as titles and descriptions) from the OpenAnt platform, creating a vulnerability to indirect prompt injection.
  • Ingestion points: Task metadata retrieved using the tasks get command in SKILL.md.
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore potentially malicious content within the task data fields.
  • Capability inventory: The agent has the ability to cancel tasks and verify financial settlements.
  • Sanitization: No sanitization or validation logic is specified for the data returned from the platform before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 11:30 AM