cc-task-state
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill manages project-local state by creating, updating, and archiving files within the ".codex/tasks/" and "~/.codex/tasks/" directories. These activities are limited to the local file system and are the primary intended function of the skill.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it transforms untrusted user input into persistent task records.
- Ingestion points: Processes natural language updates from users to extract task descriptions and states.
- Boundary markers: The skill does not specify the use of delimiters or
Audit Metadata