workflow-greenfield-init
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses imperative language ('IMPORTANT', 'MUST', 'Do NOT skip') to enforce a strict execution order on the agent.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted user input as the primary context for a multi-step automated workflow.
- Ingestion points: User-provided prompt passed as context to the `greenfield-init` workflow in `SKILL.md`.
- Boundary markers: No delimiters or instructions to ignore embedded commands are present in the context interpolation.
- Capability inventory: The workflow includes powerful capabilities such as `/web-research`, `/deep-research`, `/security`, `/test`, and `/code-simplifier` as defined in `SKILL.md`.
- Sanitization: No evidence of sanitization or validation of the input prompt before it influences downstream tool execution.
Audit Metadata