task-creation
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and process external data, such as decomposition documents or user requests, which creates an entry point for indirect prompt injection. While malicious instructions in these sources could attempt to influence the agent's behavior, the skill effectively mitigates this risk by requiring the agent to present a full draft to the user and obtain explicit approval before any tracker operations are executed.
  - Ingestion points: Processes data from external decomposition documents and standalone user requests as specified in SKILL.md.
  - Boundary markers: No specific delimiters or instructions to ignore embedded commands are used when interpolating external data into the task description.
  - Capability inventory: The skill utilizes agent tools (MCP, API, or CLI) to perform write operations (creating tasks, setting fields, linking tasks) in external issue tracking systems.
  - Sanitization: Lacks programmatic sanitization of input data; relies on human review and approval of the generated task draft as the primary security control.
- [NO_CODE]: The skill consists exclusively of markdown instructions and metadata, with no executable scripts or code files provided.
Audit Metadata