Skills
skills/catlog22/claude-code-workflow/team-lifecycle-v5/Gen Agent Trust Hub

team-lifecycle-v5

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute structured CLI commands for LLM-based analysis and automated testing. It runs tools like ccw cli and test frameworks including vitest, jest, and pytest. These operations are consistent with the skill's primary function.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes user-provided content and project artifacts that are subsequently passed to other LLMs. Findings include: 1. Ingestion points: role-specs/analyst.md (user topic) and subagents/discuss-subagent.md (generated artifacts). 2. Boundary markers: Not explicitly defined in prompt templates. 3. Capability inventory: Broad access to file tools, shell execution, and task creation. 4. Sanitization: No specific input filtering detected.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 11:06 AM