skills/marcus/td/td-task-management

td-task-management

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill instructions and referenced workflows focus exclusively on local task management. No remote connections, external script executions, or hardcoded credentials were found across any of the files.
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection because it instructs the agent to ingest and act upon data stored in task logs and descriptions which may originate from untrusted sources.
      • Ingestion points: Data enters the agent's context through commands like td usage, td context <id>, and td show <id> as described in SKILL.md and references/ai_agent_workflows.md.
      • Boundary markers: The instructions do not define delimiters or specify that the output of the td tool should be treated as untrusted data.
      • Capability inventory: The agent is empowered to execute terminal commands (CLI usage) and perform file system operations (e.g., via td link).
      • Sanitization: There is no evidence of sanitization or content filtering for the task metadata before it is processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 30, 2026, 05:31 AM