taskwarrior-manager
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill interacts with the local system by executing the Taskwarrior CLI binary ('task'). This is standard behavior for a management tool and does not involve elevated privileges.- [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it reads and processes task descriptions which may be influenced by external inputs.
- Ingestion points: The agent retrieves task data (descriptions, tags, projects) from the output of the 'task' command.
- Boundary markers: No delimiters are defined to isolate task data from instructions.
- Capability inventory: The skill allows the agent to create and modify tasks via the 'task add' and 'task mod' commands.
- Sanitization: There are no instructions provided to sanitize task descriptions to prevent shell injection or instruction hijacking.
Audit Metadata