Skills
skills/youyo/logvalet/logvalet-my-week/Gen Agent Trust Hub

logvalet-my-week

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands using the lv CLI tool (part of the logvalet suite) to fetch issue data from Backlog. This is the primary and intended behavior of the skill.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes untrusted data from an external source (Backlog issues).
  • Ingestion points: Data enters the agent context through the output of the lv issue list commands defined in SKILL.md.
  • Boundary markers: Absent. The skill instructions do not specify any delimiters or provide instructions to the agent to disregard potential commands or instructions embedded within the retrieved task data.
  • Capability inventory: The agent has access to the bash tool as required for the lv command execution in SKILL.md.
  • Sanitization: Absent. No sanitization, escaping, or filtering of the retrieved issue content is performed before the agent formats the final output.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 04:10 PM