execute-icebox

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill utilizes the agkan command-line utility for legitimate operations, specifically listing and retrieving task information from a workspace.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface due to the way it processes external task data.
      • Ingestion points: Untrusted data enters the agent context via the output of agkan task list and agkan task get (task titles and bodies).
      • Boundary markers: The prompt provided to the sub-agent lacks explicit delimiters or instructions to ignore potential instructions embedded within the interpolated task body.
      • Capability inventory: The skill has capabilities to read task data and delegate processing to general-purpose sub-agents.
      • Sanitization: No validation or sanitization is performed on the task title or body before being passed to the sub-agent.
  • [SAFE]: The use of a sub-agent to review tasks is a standard architectural pattern for complex AI agent workflows and does not represent a security risk in this context.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 06:42 AM