Skills
skills/gendosu/agkan-skills/execute-task/Gen Agent Trust Hub

execute-task

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various shell commands including 'git pull', 'git checkout', and several 'agkan' CLI operations to manage task states and repository data.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It retrieves task titles and bodies from the external 'agkan' tool and interpolates them directly into the instructions for a spawned sub-agent.
  • Ingestion points: Data enters the context via 'agkan task list' and specific task detail fetches.
  • Boundary markers: None are used to separate untrusted task content (Title/Body) from the agent's instructions in the Task tool prompt.
  • Capability inventory: The skill and its sub-agents can execute shell commands (git, agkan), read local files (SKILL.md), and spawn further sub-agents.
  • Sanitization: There is no evidence of validation or escaping for the 'title' or 'body' fields before they are passed to the sub-agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 8, 2026, 06:42 AM