atlan-workflow-args-secrets-state
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill correctly implements credential security by using a 'credential_guid' and a dedicated SecretStore, ensuring that sensitive information is never hardcoded or stored in plain text.
- [COMMAND_EXECUTION]: The instructions involve executing 'atlan-fact-verification-gate', which is a standard utility provided by the vendor (atlanhq) to verify workflow lifecycle changes.
- [PROMPT_INJECTION]: The skill interacts with external workflow arguments, presenting an indirect prompt injection surface. This is managed through instructions that prioritize argument normalization and separate data retrieval from execution logic.
  - Ingestion points: Workflow arguments are loaded and normalized through the 'get_workflow_args' method (SKILL.md).
  - Boundary markers: No explicit delimiters or boundary warnings are provided for the workflow arguments.
  - Capability inventory: The skill orchestrates activity methods, performs state updates, and executes the 'atlan-fact-verification-gate' CLI tool (SKILL.md).
  - Sanitization: Risk is mitigated by mandating normalization of arguments and the use of a secure SecretStore for any sensitive data retrieval (references/state-flow.md).