Skills
skills/zard-ui/zardui/nx-run-tasks/Gen Agent Trust Hub

nx-run-tasks

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent on how to execute shell commands using the Nx CLI, including commands such as nx run, nx run-many, and nx affected for tasks like building, testing, and linting.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by directing the agent to interpolate user-provided project names, task names, and flags directly into shell commands.
  • Ingestion points: User input is used for the , , and various CLI flags within the commands described in SKILL.md.
  • Boundary markers: There are no boundary markers or delimiters specified to protect against malicious commands embedded in user-supplied strings.
  • Capability inventory: The agent is given instructions to execute arbitrary subprocesses via the nx CLI and common package managers like npx or yarn.
  • Sanitization: The skill contains no instructions for the agent to sanitize, escape, or validate external input before including it in a command line.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 09:48 PM