todo-list
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on local execution of Node.js scripts located in the `scripts/` directory to handle time parsing and todo list operations. This is a primary function of the skill.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it stores user-controlled strings in a local file and subsequently presents them to the agent.
  - Ingestion points: User-provided task descriptions and progress notes in `scripts/todo.js`.
  - Boundary markers: Task data is presented as a list or JSON without explicit delimiters to isolate stored content from agent instructions.
  - Capability inventory: The skill is capable of reading and writing files within its local `temp/` directory.
  - Sanitization: The skill escapes pipe characters (`|`) for Markdown compatibility but does not sanitize content against potential AI instruction overrides.
Audit Metadata