sync-things-tasks
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
thingscommand-line interface to manage todos, performing operations such as adding tasks, reviewing daily lists, and searching project data. - [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection by ingesting and processing data from Obsidian notes to generate command arguments.
- Ingestion points: Contents of the Obsidian vault notes processed by the agent.
- Boundary markers: No boundary markers or 'ignore' instructions are specified in the prompt to delimit external note content from agent instructions.
- Capability inventory: Execution of the
thingsCLI tool with various subcommands as defined inSKILL.md. - Sanitization: No sanitization or validation logic is present to filter malicious instructions within notes before they are processed.
Audit Metadata