task-capture
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface through the handling of untrusted user input. • Ingestion points: User-provided task descriptions supplied via the /task-capture command triggers (SKILL.md). • Boundary markers: No delimiters or instructions to ignore embedded commands are present when user input is interpolated into the markdown templates (references/TEMPLATES_V1_1.md). • Capability inventory: The skill allows the agent to create and write markdown files to a specific local path at E:\OBData\ObsidianDatas\0收集箱日清. • Sanitization: No evidence of input validation or escaping is provided before user content is written to the filesystem.
Audit Metadata