cy-create-tasks
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from `_prd.md`, `_techspec.md`, and Architectural Decision Records (ADRs). A malicious actor could embed instructions in these files to manipulate the task generation process or influence the agent's exploration of the codebase.
  - Ingestion points: `SKILL.md` (Workflow steps 2 & 6).
  - Boundary markers: Not specified; the skill directly interpolates requirements into task descriptions.
  - Capability inventory: The skill has the ability to read and write files, explore the codebase via agent tools, and execute the `compozy` CLI.
  - Sanitization: No explicit sanitization or validation of the input file content is performed.
- [COMMAND_EXECUTION]: The skill executes a local CLI tool to validate the generated tasks.
  - Evidence: Runs `compozy validate-tasks --name <feature>` in step 7 of the workflow.
  - Note: This appears to be a legitimate project-specific utility, but it represents a capability that could be targeted via the `feature-name` argument.