no-nonsense-tasks
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill manages a local SQLite database using bash scripts and the
sqlite3CLI. All user inputs are validated and escaped before being used in SQL queries, effectively mitigating risk for the local environment. - [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection because it stores and displays user-provided strings like task titles and descriptions. This could be exploited if an attacker stores instructions that are later read and followed by an AI agent.
- Ingestion points: User input is accepted through
scripts/task_add.sh,scripts/task_update.sh, andscripts/task_tag.shfor fields such as title, description, and tags. - Boundary markers: Output from list and show commands is presented in standard SQLite column or line formats without specific delimiters or warnings to ignore embedded instructions.
- Capability inventory: All scripts (
scripts/task_*.sh) perform CRUD operations on a local database file (~/.no-nonsense/tasks.db) and do not possess network or arbitrary system execution capabilities. - Sanitization: All string inputs are passed through an
sql_escapefunction inscripts/lib.shthat doubles single quotes to prevent direct SQL injection attacks.
Audit Metadata