workflow-verification
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill does not exhibit any malicious behaviors, obfuscation, or unauthorized data access patterns.
- [NO_CODE]: The skill is comprised entirely of YAML metadata and Markdown instructions, with no associated scripts, binaries, or executable code provided in the skill package.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it processes user input to initiate a workflow. 1. Ingestion points: The user's prompt is used as context for the
/workflow-startcommand inSKILL.md. 2. Boundary markers: No delimiters or instructions to ignore embedded commands are present. 3. Capability inventory: The workflow involves commands like/testand/fix, which suggest the agent has capabilities to interact with the environment or code, though no specific implementation is provided here. 4. Sanitization: No sanitization or validation of the user context is defined within the skill.
Audit Metadata