trello
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: No malicious behavior, obfuscation, or unauthorized access patterns detected.
- [EXTERNAL_DOWNLOADS]: The skill communicates with Trello's official API (
api.trello.com) to manage boards, lists, and cards. This is expected behavior for the stated purpose. - [INDIRECT_PROMPT_INJECTION]:
- Ingestion points: The skill retrieves user-generated content from Trello (card names, descriptions, and comments).
- Boundary markers: None are defined in the command templates.
- Capability inventory: The skill performs network operations via
curland JSON processing viajq. - Sanitization: Data is structured using
jq, but textual content from Trello is not explicitly sanitized for embedded instructions before being processed by the agent.
Audit Metadata