task-generator
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill functions as a documentation and task management tool. It does not contain any patterns indicative of data exfiltration, unauthorized remote code execution, or credential theft. All file operations are restricted to the local
/tasks/directory.\n- [Indirect Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection as it processes untrusted user specifications and interpolates them into file-writing operations.\n - Ingestion points: The skill reads user-provided specifications or requirements as the primary input for Phase 1.\n
- Boundary markers: Absent. The instructions do not define delimiters or warnings to ignore instructions embedded within the user's specification.\n
- Capability inventory: The skill has the capability to write and update markdown files (
/tasks/tasks-[feature-name].md) on the local file system.\n - Sanitization: The skill lacks explicit sanitization or validation of the input text before generating the task list structure.
Audit Metadata