workflow-release-prep
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection where untrusted data could influence agent behavior.
- Ingestion points: The user's prompt is passed directly as context to the
/workflow-startcommand in SKILL.md. - Boundary markers: The skill lacks explicit delimiters or instructions to treat the interpolated user prompt as data rather than instructions.
- Capability inventory: The skill orchestrates a sequence of high-level actions including
/sre-review,/quality-gate, and/statusas defined in SKILL.md. - Sanitization: No validation, escaping, or filtering of the user prompt is performed before interpolation into the workflow command.
Audit Metadata