Skills
skills/pjt222/development-guides/manage-backlog/Gen Agent Trust Hub

manage-backlog

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute grep and wc commands for counting task statuses within the BACKLOG.md file. These commands are hardcoded to specific patterns and target a local file, posing minimal risk.
  • [PROMPT_INJECTION]: The skill processes external data from BACKLOG.md, which introduces a surface for indirect prompt injection. \n
  • Ingestion points: The agent reads the contents of BACKLOG.md during the initialization and status update steps. \n
  • Boundary markers: There are no explicit delimiters or instructions to ignore potential commands embedded within the backlog items. \n
  • Capability inventory: The skill allows access to Read, Write, Edit, and Bash tools. \n
  • Sanitization: No input validation or sanitization is performed on the item descriptions or notes read from the file.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 10:51 PM