recipe-task
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-provided arguments ($ARGUMENTS) and interpolates them into calls for internal tools like rule-advisor and TaskCreate. This creates a surface for indirect prompt injection.
- Ingestion points: The $ARGUMENTS variable in SKILL.md receives untrusted data.
- Boundary markers: No specific boundary markers or instructions to disregard nested commands are defined for the input.
- Capability inventory: The skill is designed to call rule-advisor, TaskCreate, and TaskUpdate, which manage task logic and execution steps.
- Sanitization: There is no evidence of sanitization or input validation before processing $ARGUMENTS.
Audit Metadata