workflow-hotfix
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user input as context for a multi-step automated workflow without adequate security boundaries.
- Ingestion points: The SKILL.md body instructs the agent to use the user's prompt as context for the `/workflow-start hotfix` command.
- Boundary markers: No delimiters or 'ignore embedded instructions' warnings are present to isolate user input from command instructions.
- Capability inventory: The workflow involves sequential steps such as `/fix` and `/test`, which suggest file modification and code execution capabilities downstream.
- Sanitization: There is no evidence of input validation or sanitization to prevent the user prompt from containing hidden instructions.
Audit Metadata