skill-task-management

Warn

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides an 'Automatic Migration' feature that executes a shell script located at "${HOME}/.claude-octopus/plugin/scripts/migrate-todos.sh". Executing scripts from hidden directories in the user's home folder is a security risk if the script origin is unverified.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection during task resumption and progression workflows.
    • Ingestion points: The skill reads data from TaskList() (task subjects and descriptions) and git log (WIP commit messages) to restore context.
    • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the ingested task or commit metadata.
    • Capability inventory: The agent can perform git commit, TaskCreate, TaskUpdate, and execute the migrate-todos.sh shell script.
    • Sanitization: No evidence of sanitization or validation of the content retrieved from tasks or git logs is present before the data is used to guide the agent's actions.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 9, 2026, 06:35 AM