trello
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it retrieves and processes data from an external, potentially untrusted source.
- Ingestion points: The skill fetches board names, list names, card names, and descriptions from the Trello API via `curl` commands in `SKILL.md`.
- Boundary markers: The instructions do not define clear boundaries or provide guidance to the agent to disregard instructions that might be embedded within the Trello card content.
- Capability inventory: The skill uses `curl` for API interactions and `jq` for parsing JSON responses.
- Sanitization: There is no evidence of content sanitization or validation to prevent the agent from obeying instructions hidden in Trello card metadata or descriptions.
Audit Metadata