skills/dbosk/claude-skills/nytid-todo/Gen Agent Trust Hub

nytid-todo

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill operates by executing subcommands of the 'nytid' CLI utility for task lifecycle management and metadata updates.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests data from external sources.\n
  • Ingestion points: The agent reads task descriptions, notes, and metadata from the 'nytid' system and imports issues from GitHub.\n
  • Boundary markers: There are no explicit markers or instructions defined to prevent the agent from following instructions potentially embedded in task or issue content.\n
  • Capability inventory: The skill enables the agent to execute shell commands via the 'nytid' tool and potentially spawn shells in task directories.\n
  • Sanitization: No evidence of content sanitization or validation is present for data retrieved from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 09:28 AM
Security Audit — agent-trust-hub — nytid-todo