Skills
skills/terrylica/cc-skills/list-repo-tasks/Gen Agent Trust Hub

list-repo-tasks

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute mise tasks ls and jq for listing and filtering repository tasks. These are standard operations for development environments and do not involve high-risk commands or privilege escalation.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8) because it processes untrusted task names and descriptions from the repository's configuration.
  • Ingestion points: Output from mise tasks ls processed in SKILL.md.
  • Boundary markers: None specified in the parsing instructions.
  • Capability inventory: The skill has access to the Bash tool as defined in SKILL.md.
  • Sanitization: No sanitization or escaping of task metadata is performed. However, as this behavior is fundamental to the skill's primary purpose of displaying task information, the risk is considered negligible.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 05:28 PM