Skills
skills/go-sphere/skills/using-sphere-workflow/Gen Agent Trust Hub

using-sphere-workflow

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data such as project requirements, intake notes, and repository files to route workflows, creating a surface for indirect prompt injection.\n
  • Ingestion points: User-provided intake documents, PRDs, and repository content are ingested as specified in the Routing Rules and Workflow Map in SKILL.md.\n
  • Boundary markers: Absent; the instructions do not include delimiters to separate routing logic from instructions embedded in the processed data.\n
  • Capability inventory: The skill routes to implementation tools like sphere-feature-workflow and pure-admin-crud-generator which possess code generation and file modification capabilities.\n
  • Sanitization: Absent; no validation or filtering of input content is specified for the classification phase.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 03:51 AM