cdd-implement-todo

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is instructed to run commands found in the Automated checks section of TODO.md and TODO-*.md files. This is a primary capability used to verify the correctness of the code implementations it performs.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it ingests instructions and command sequences from external files which may be untrusted in some contexts.
    • Ingestion points: The skill reads several repository files, including TODO.md, TODO-*.md, AGENTS.md, and README.md (as seen in SKILL.md).
    • Boundary markers: The instructions do not specify any delimiters or safety prompts to prevent the agent from obeying malicious instructions embedded within the TODO task descriptions or check commands.
    • Capability inventory: The skill possesses the capability to modify repository files (implementation and TODO updates) and execute shell commands (automated checks).
    • Sanitization: There is no evidence of command validation or sanitization before the execution of the automated checks extracted from the files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 3, 2026, 06:20 PM