recipe-task

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill interpolates user-provided $ARGUMENTS directly into the prompt for the dev-workflows:rule-advisor subagent in SKILL.md. The output from this subagent is then used to define the task essence, select rules, and create the initial task list via TaskCreate. A malicious task description could manipulate the subagent's planning process to influence subsequent agent actions.
      • Ingestion points: $ARGUMENTS variable in SKILL.md used in Step 1.
      • Boundary markers: Absent; there are no delimiters or instructions to the subagent to ignore potential commands within the user input.
      • Capability inventory: Subagent calls to dev-workflows:rule-advisor, and task management via TaskCreate and TaskUpdate tools.
      • Sanitization: No validation, escaping, or filtering is performed on the input before it is passed to the subagent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 10:40 PM