flow-coordinator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Safe] (SAFE): No malicious patterns detected. The templates define structured workflows using internal agent slash commands.
- [Indirect Prompt Injection] (SAFE): While the templates use a
{{goal}}variable which could ingest untrusted data (Category 8 surface), this is a fundamental part of the developer-centric workflow. There is no automated fetching of external data from untrusted sources (e.g., web scraping) that would elevate this to a significant risk. - [Execution Safety] (SAFE): The workflows focus on standard software engineering practices like planning, testing, and reviewing. Security review steps are explicitly mentioned as context hints in
review.jsonandcoupled.json.
Audit Metadata