tasks-generator
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands for Git workflow management, including
git fetch,git pull,git commit, andgit pushto synchronize changes with the remote repository. It also optionally executes a local Python scriptscripts/update_readme_ideas_index.pyif it exists in the repository structure. - [EXTERNAL_DOWNLOADS]: Network operations are limited to standard Git synchronization tasks with the user's established remote origin.
- [DATA_EXFILTRATION]: The skill reads project-specific documentation (e.g.,
prd.md,tad.md) and local configuration markers (e.g.,~/.config/ideas-root.txt) to extract requirements and resolve project paths. No data is sent to unauthorized external domains. - [PROMPT_INJECTION]: The skill ingests untrusted data from PRD files, which constitutes a surface for indirect prompt injection. This is a low-severity risk inherent to the skill's primary function of document analysis and task generation.
Audit Metadata