fizzy
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill operates by executing the 'fizzy' CLI tool and other standard utilities such as 'jq' and 'cat' to interact with the project management service. This is the core functionality of the skill and is documented for legitimate task management purposes.
- [PROMPT_INJECTION]: The skill interacts with external data (board names, card descriptions, and comments) retrieved via API calls, which represents a potential surface for indirect prompt injection.
- Ingestion points: External content fetched via CLI commands defined in 'SKILL.md'.
- Boundary markers: None identified.
- Capability inventory: Shell execution of 'fizzy', 'jq', 'cat', and file system interaction for uploads and rich text processing.
- Sanitization: The skill description does not specify methods for sanitizing or validating the content retrieved from external sources.
Audit Metadata