autonomous-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOW
Full Analysis
- Data Exposure & Exfiltration (SAFE): The skill promotes security hygiene by explicitly instructing the agent to never commit .env files, credentials, or secrets.
- Prompt Injection (SAFE): No malicious instruction overrides or safety bypass patterns were detected. The usage of 'CRITICAL' in headers is strictly instructional for the proposed workflow.
- Remote Code Execution (SAFE): No external dependencies, remote script downloads, or execution patterns were found.
- Obfuscation (SAFE): No hidden characters, encoded content, or homoglyphs were detected.
- Indirect Prompt Injection (LOW): While the skill manages development tasks, it does not define mechanisms for ingesting untrusted external content. Risk is limited to the agent's general operational context.
Audit Metadata