workflow-full-feature-lifecycle
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is entirely instructional and does not perform file system operations, network requests, or system-level command execution. No obfuscation or malicious logic was detected.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists because the skill uses the 'user's prompt' as context for its workflow. Ingestion points: The user's prompt is passed to the /workflow-start command in SKILL.md. Boundary markers: No markers or isolation instructions are present to separate the user prompt from the agent's instructions. Capability inventory: The skill triggers a chain of 18 separate commands (/idea through /workflow-end). Sanitization: There is no indication of sanitization or validation of the input context.
Audit Metadata