workflow-qa-po-acceptance
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted user input as context for a multi-step workflow.
- Ingestion points: User input is ingested via the user's prompt and passed as context to the
/workflow-start qa-po-acceptancecommand inSKILL.md. - Boundary markers: The skill lacks explicit boundary markers (e.g., XML tags or delimiters) to separate user content from system instructions.
- Capability inventory: The skill possesses the capability to execute a chain of commands (
/quality-gate,/handoff,/acceptance,/workflow-end) which may be influenced by instructions embedded in the user context. - Sanitization: No sanitization or validation of the user context is performed before it is used to trigger the workflow sequence.
Audit Metadata