workflow-bugfix
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill establishes an indirect prompt injection surface by using user-provided text as context for a multi-step automated workflow.
- Ingestion points: The user prompt is passed to the /workflow-start command in SKILL.md.
- Boundary markers: Absent. There are no delimiters defined to separate user input from the agent's internal instructions.
- Capability inventory: The workflow includes operations such as /fix and /test, which imply the ability to modify source code and execute testing suites.
- Sanitization: No sanitization or validation of the input context is specified in the skill definition.
- [NO_CODE]: The skill consists entirely of markdown configuration and orchestration instructions; it does not distribute any executable scripts or binary files.
Audit Metadata