workflow-test-verify

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill defines a benign operational workflow. All commands referenced (/scout, /integration-test, /test, /watzup, /workflow-end) are internal agent slash commands.
  • [PROMPT_INJECTION]: The skill uses directive language ('IMPORTANT', 'MUST', 'Do NOT skip') to ensure the agent follows the defined sequence. This is consistent with natural instructional language for managing complex tasks and does not attempt to override core safety constraints.
  • [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection by passing the user's prompt as context to the /workflow-start command.
      • Ingestion points: User input is passed as context in the execution of the workflow trigger in SKILL.md.
      • Boundary markers: Absent; user input is processed as context without explicit delimiters or escaping.
      • Capability inventory: The workflow triggers multiple internal commands (/scout, /integration-test, /test, /watzup, /workflow-end).
      • Sanitization: No explicit sanitization or validation of the user's prompt is performed within the skill metadata.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 21, 2026, 03:50 AM