long-chat-task-processor
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes untrusted Markdown chat logs.
  - Ingestion points: The agent reads data from files within the '1-原始记录/' directory.
  - Boundary markers: Structural boundaries are established using line-range processing instructions, though explicit delimiters to ignore embedded instructions are not present.
  - Capability inventory: The agent is authorized to write to and update multiple markdown files (e.g., '4-任务池.md') within the created workspace.
  - Sanitization: No specific sanitization or filtering of input data is defined.
- [COMMAND_EXECUTION]: The skill executes a bundled Python script to initialize the project environment. The script is safe as it relies on the standard library and uses 'os.path.basename' to ensure that source files are copied into the workspace without risk of path traversal.