todo-triage
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs standard file management operations, such as renaming and deleting files within designated project directories (".context/compound-engineering/todos/" and "todos/"). These actions are consistent with its primary purpose and are gated by interactive user confirmation.
- [PROMPT_INJECTION]: The skill processes content from task files, creating a surface for indirect prompt injection. This is evaluated as safe because the workflow is interactive and limited to specific, non-sensitive project paths.
- Ingestion points: Task files located in ".context/compound-engineering/todos/" and "todos/" (SKILL.md).
- Boundary markers: None; the skill does not use specific delimiters to separate file content from instructions.
- Capability inventory: Ability to rename and delete files within specified project directories (SKILL.md).
- Sanitization: None; there is no evidence of content validation or escaping for ingested data.
Audit Metadata