my-tasks

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes npx @openant-ai/cli commands to interact with the OpenAnt platform. The use of wildcards in allowed-tools and the interpolation of task IDs present a surface for command injection if input is not strictly validated.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx to fetch and execute the @openant-ai/cli package from the NPM registry at runtime. As this is a vendor-owned resource matching the skill author, it is considered legitimate functionality.
  • [PROMPT_INJECTION]: The skill processes untrusted content from task titles and descriptions, which can serve as a vector for indirect prompt injection.
      • Ingestion points: External task data is ingested via the tasks list and tasks get commands.
      • Boundary markers: There are no boundary markers or instructions to isolate retrieved data from the agent's command context.
      • Capability inventory: The agent has the ability to execute shell commands via the OpenAnt CLI.
      • Sanitization: The skill does not specify any sanitization or filtering of the task data before it is presented to the model.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 6, 2026, 10:47 AM