Skills
skills/gendosu/agkan-skills/agkan-icebox-subtask/Gen Agent Trust Hub

agkan-icebox-subtask

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the 'agkan' CLI tool to interact with task data. It performs read operations (agkan task get) and write operations (agkan task update). These commands are necessary for the skill's stated purpose of managing project tasks.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it retrieves and processes task descriptions which could contain instructions intended to influence the agent's decision-making logic.
  • Ingestion points: Task details (potentially including untrusted user-generated content) are ingested via the agkan task get <id> --json command in SKILL.md.
  • Boundary markers: None identified; the agent is instructed to evaluate the task data directly against specified criteria.
  • Capability inventory: The skill allows the agent to modify task status and content using agkan task update in SKILL.md.
  • Sanitization: No explicit sanitization or filtering of the task content is performed prior to the evaluation step.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 8, 2026, 06:42 AM
Security Audit — agent-trust-hub — agkan-icebox-subtask