Skills
skills/satone7/skills/find-next-task/Gen Agent Trust Hub

find-next-task

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill ingests untrusted data from the repository by searching for and parsing JSON plan files (docs/plans/.json, **/.json).
  • Ingestion points: JSON files in the project directory are read and their content is processed.
  • Boundary markers: None present. The skill does not use delimiters or instructions to prevent the agent from obeying commands embedded in task descriptions or steps.
  • Capability inventory: The skill directs the agent's next steps, and since the agent likely has tools for file modification or command execution, this can lead to the execution of malicious tasks.
  • Sanitization: No filtering or validation is performed on the textual content of the plans to ensure they contain only data and not instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 09:22 PM