interactive-checklist
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill acts as a documentation generator, producing static markdown checklists from user-provided workflow descriptions. It contains no executable scripts or system-level logic that interacts with the operating system.
- [SAFE]: All shell command examples (e.g., npm run build, systemctl, pg_dump) found in the reference files and templates are provided for instructional purposes for the user and are not executed by the AI agent.
- [PROMPT_INJECTION]: The skill accepts untrusted user input via the
steps_inputandworkflow_nameparameters, which are then used to generate markdown content. This creates a surface for indirect prompt injection, where malicious instructions embedded in the input could influence the content of the generated checklist. However, the risk is negligible as the output is limited to static text documentation. - Ingestion points:
steps_inputandworkflow_nameinSKILL.md. - Boundary markers: None identified in the interpolation logic.
- Capability inventory: None; the skill is restricted to text generation.
- Sanitization: No input validation or escaping is performed.
Audit Metadata