opencode-kanban-cli

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE] (SAFE): Analysis of the skill content reveals no malicious patterns. The instructions are limited to documenting CLI command syntax, global flags, and error codes for a task management tool.
  • [Indirect Prompt Injection] (LOW): The skill instructs the agent to construct shell commands using user-provided input (e.g., task titles or branch names). While the skill itself is passive documentation, there is a potential for shell command injection if the agent does not properly sanitize these inputs before execution.
      • Ingestion points: User-provided text for --title, --branch, --repo, and --id parameters in SKILL.md instructions.
      • Boundary markers: Absent; no delimiters or sanitization warnings are provided in the command templates.
      • Capability inventory: Construction and execution of shell commands (opencode-kanban).
      • Sanitization: Absent; the skill relies on the agent's default handling of string interpolation.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 19, 2026, 10:10 PM