monitoring-tasks
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate task monitoring functions as described in its metadata. It uses local bash scripts (
query-tasks.sh,analyze-tasks.sh) and standard tools (jq) to process task data fetched from a configured provider. - [COMMAND_EXECUTION]: The skill executes local shell scripts to query and analyze task data. Arguments are passed safely using quotes and the
jq --argflag, minimizing injection risks. - [DATA_EXFILTRATION]: No unauthorized data transmission was found. The skill interacts only with the user's configured task database (e.g., Notion) and processes results locally in
/tmp. - [INDIRECT_PROMPT_INJECTION]: The skill ingests external data (task titles and properties) which is a potential surface for indirect prompt injection. However, the data is processed quantitatively via a script rather than being directly interpreted as instructions, and the final report follows a strict template, mitigating risk.
Audit Metadata