beads-issue-tracker
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill processes task-related data such as titles and descriptions which could potentially contain untrusted input from external sources during issue creation or synchronization.\n
- Ingestion points: External data enters the agent context through
bd create,bd update, and JSONL file synchronization (imports).\n - Boundary markers: None specified in the provided documentation to delimit external input from instructions.\n
- Capability inventory: The skill facilitates command execution via the
bdCLI and manages local file system data through SQLite databases and JSONL files.\n - Sanitization: No explicit sanitization or input validation mechanisms are described within the skill configuration.
Audit Metadata