ai-create-tasks

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands to interact with the local filesystem and manage Git operations for repository synchronization. Evidence: execution of git add, git commit, git push, git rev-parse, and ls via Bash.
  • [DATA_EXFILTRATION]: The skill is designed to perform Git push operations to synchronize the local Obsidian vault with a remote repository. This constitutes a network transfer of local project documentation. Evidence: git -C "$V" push.
  • [PROMPT_INJECTION]: The skill processes content from documentation files to generate implementation tasks, creating an attack surface for indirect prompt injection. Ingestion points: Reads prd.md and tech-spec.md files from the vault. Boundary markers: None. The skill does not implement specific delimiters or instructions to isolate the content of these documents from the agent's logic. Capability inventory: The skill has the ability to write/edit local files and execute shell commands. Sanitization: None. Requirements and technical details are interpreted directly from the source files without validation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 02:45 PM
Security Audit — agent-trust-hub — ai-create-tasks