workflow-producer
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses high-priority imperative instructions to force the agent into a specific workflow, mandating that the user be presented with a mode selection menu regardless of the initial request.
- [COMMAND_EXECUTION]: The skill triggers the execution of a local utility script,
python scripts/generate_clean.py, to perform final text formatting. - [PROMPT_INJECTION]: The workflow presents an indirect injection surface by passing raw user input (such as original requests and topics) into the prompts of various sub-agents without implementing boundary markers or sanitization. Ingestion points:
SKILL.mdvia variables like[原始请求],[领域], and[读者]. Boundary markers: None. Capability inventory: Orchestrates multiple sub-agents, performs file operations in thearticles/directory, and executes local scripts. Sanitization: None.
Audit Metadata