Skills
skills/letta-ai/letta-code/scheduling-tasks/Gen Agent Trust Hub

scheduling-tasks

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes user-supplied strings which are stored and later re-injected into the agent's context as prompts. This constitutes an indirect prompt injection surface.
  • Ingestion points: The --prompt argument in the letta cron add command.
  • Boundary markers: Absent; the content is passed back to the agent as a message.
  • Capability inventory: The agent can execute shell commands via the letta cron CLI tool.
  • Sanitization: No sanitization or verification of the scheduled prompt content is performed by the skill instructions.- [COMMAND_EXECUTION]: The skill uses the letta cron CLI tool to create and manage scheduled tasks. These commands are executed locally using a Bash tool and are part of the ecosystem provided by the skill author.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 03:25 PM
Security Audit — agent-trust-hub — scheduling-tasks