cy-execute-task

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill follows secure operational practices, such as requiring reconciliation of the workspace state before edits, stopping for requirement conflicts, and explicitly forbidding automatic code pushes.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by reading externally-sourced task specifications and executing validation commands contained within them.
      • Ingestion points: Task specification markdown (referenced in SKILL.md Steps 1 and 4).
      • Boundary markers: None.
      • Capability inventory: Command execution (validation tests in Step 4) and file system access (reading PRDs, updating status files).
      • Sanitization: None.
    This finding is classified as safe because the behavior is necessary for the skill's primary purpose as a development agent and is constrained to the local repository context.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 15, 2026, 12:15 AM