nytid-todo
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill operates by executing subcommands of the 'nytid' CLI utility for task lifecycle management and metadata updates.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests data from external sources.\n
- Ingestion points: The agent reads task descriptions, notes, and metadata from the 'nytid' system and imports issues from GitHub.\n
- Boundary markers: There are no explicit markers or instructions defined to prevent the agent from following instructions potentially embedded in task or issue content.\n
- Capability inventory: The skill enables the agent to execute shell commands via the 'nytid' tool and potentially spawn shells in task directories.\n
- Sanitization: No evidence of content sanitization or validation is present for data retrieved from external sources.
Audit Metadata