do-long-task
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions and documentation are entirely focused on project management and development workflows. No malicious patterns such as prompt injection, data exfiltration, or unauthorized command execution were detected.
- [COMMAND_EXECUTION]: The skill mentions executing standard development tools like
git,lint,typecheck, andtest. These are necessary for the primary purpose of development task management and do not exhibit suspicious behavior. - [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process local project files (e.g.,
tasks.md,proposal.md). While this represents a surface for indirect prompt injection if those files were maliciously crafted, the risk is mitigated by the skill's specific focus on task tracking and documentation rather than executing arbitrary logic from those files. The risk is considered minimal and typical for a development-focused agent.
Audit Metadata