create-task

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands via the Bash tool to interact with the OpenAnt platform. User-provided strings for task titles and descriptions are interpolated into these commands, which could be exploited for command injection if the agent does not properly escape the inputs.
  • [EXTERNAL_DOWNLOADS]: The skill relies on npx @openant-ai/cli@latest to fetch and execute its core CLI tool. Although the package belongs to the verified author openant-ai, the use of the @latest tag means the skill's behavior could change without notice if the package is updated.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests untrusted text from users.
    • Ingestion points: User-provided inputs for the --title and --description flags in the SKILL.md file.
    • Boundary markers: Not present. There are no instructions or delimiters provided to signal that the model should ignore instructions embedded within user content.
    • Capability inventory: The skill has Bash access to manage tasks and interact with crypto wallets.
    • Sanitization: Not present. No escaping or validation logic is specified for the interpolated user content.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 01:37 AM