to-tasks
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior or security vulnerabilities were identified. The skill adheres to the principle of least privilege by requesting user confirmation before any mutation.
- [PROMPT_INJECTION]: Potential indirect prompt injection surface exists because the skill ingests untrusted data from Jira issues and local files. However, the risk is mitigated by a mandatory human-in-the-loop approval process before tasks are created or files are written.
- Ingestion points: Reads project context from Jira bodies, comments, and local repository files.
- Boundary markers: None explicitly defined for the input data.
- Capability inventory: Uses the jira tool to create issues and writes markdown files to .agents/skills/to-tasks/.
- Sanitization: None; reliance is placed on the mandatory user approval step in 'Quiz the user'.
Audit Metadata