tb-update-task-note

Warn

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local script bin/tb-api.mjs using the Node.js runtime to perform API operations.
  • [COMMAND_EXECUTION]: User-provided notes are inserted directly into a shell command string (--note "<备注>"). This instruction is vulnerable to command injection if the input contains shell control characters like semicolons or backticks, allowing for potential unauthorized command execution.
  • [DATA_EXFILTRATION]: The skill reads project and task data from a local file named .teambition.md. While necessary for the skill's functionality, this involves access to local configuration data.
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection by reading data from .teambition.md and using it to guide agent actions.
      1. Ingestion points: .teambition.md.
      2. Boundary markers: Absent.
      3. Capability inventory: node bin/tb-api.mjs command execution.
      4. Sanitization: Absent.

Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 12, 2026, 03:32 AM