schedule-review

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Potential for indirect prompt injection via unsanitized file content. The skill reads 'TASK.md' and 'schedule.yaml' from the local file system and pastes the raw content directly into the 'TaskCreate' prompt for sub-agents.
      • Ingestion Point: SKILL.md defines steps to read file content from a task directory (e.g., '~/.tdx/schedule-tasks/').
      • Boundary Markers: Absent. The prompts for sub-agents do not use delimiters or explicit 'ignore embedded instructions' warnings for the interpolated file content.
      • Capability Inventory: The skill uses 'TaskCreate' to spawn sub-agents and file system 'Read' operations.
      • Sanitization: None detected. External content is interpolated directly into the prompts.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 06:54 AM