workflow-design
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-provided prompts as context for a multi-step design workflow without adequate isolation.
  - Ingestion points: Untrusted user input enters the agent context via the user prompt passed to the `/workflow-start design-workflow` command in `SKILL.md`.
  - Boundary markers: Absent. The skill does not use delimiters (such as triple quotes or XML tags) or specific instructions to isolate user input from system commands.
  - Capability inventory: The skill has the capability to trigger a sequence of actions including generating design specifications, creating UI interfaces, and writing frontend code via `/design-spec`, `/interface-design`, `/frontend-design`, and `/code-review`.
  - Sanitization: There is no evidence of input validation or sanitization of the user-provided context before it is passed to the workflow engine.