Skills
skills/quinlanjager/fine/task/Gen Agent Trust Hub

task

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the fine CLI tool using npx to perform task management operations such as creating, listing, and showing tasks.
  • [EXTERNAL_DOWNLOADS]: Running npx @jagersoftware/fine involves downloading and executing code from the npm registry. The package is associated with the skill author's organization.
  • [INDIRECT_PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes user-provided task descriptions and steps which may contain instructions targeting the agent.
  • Ingestion points: Reads content from markdown files within the tasks/ directory via fine show or direct file access.
  • Boundary markers: The skill lacks explicit instructions or delimiters to help the agent distinguish between task data and potential embedded instructions.
  • Capability inventory: Includes command execution via the fine CLI and file system modifications (write/edit) within the workspace.
  • Sanitization: No content filtering or validation of the markdown file content is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 02:58 PM