Skills
skills/yoochankim/task-manager/task-tracker/Gen Agent Trust Hub

task-tracker

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection.\n
  • Ingestion points: The skill reads task data from the ~/todos.md file.\n
  • Boundary markers: No delimiters or explicit instructions to ignore embedded commands are defined when parsing task content.\n
  • Capability inventory: The skill utilizes Read and Write tools to modify the local file system.\n
  • Sanitization: No input validation or sanitization is performed on task text before it is displayed or processed.\n- [SAFE]: No evidence of unauthorized network activity or data exfiltration was detected.\n- [SAFE]: The skill does not download external dependencies or execute remote code.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 06:42 PM