workflow-template-seeder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The workflow includes steps to run installation and build commands (e.g., npm install, dev, build) to verify the generated templates. These are core functions of the skill and are restricted to the local template directory.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface (Category 8): The skill processes external input from 'template_spec.md' which influences the generation of code and integration settings.
  - Ingestion points: template_spec.md is used to define slugs, integrations, and core pages.
  - Boundary markers: No explicit delimiter or 'ignore' instructions are defined in this orchestration file.
  - Capability inventory: Subprocess calls via shell for node/npm commands and file-system write access.
  - Sanitization: None explicitly defined; the workflow relies on downstream skills like 'workflow-ship-faster' for implementation details.
- [DATA_EXFILTRATION] (SAFE): The skill includes specific instructions to 'Never commit secrets' and 'Remove secrets; only keep env key names', mitigating the risk of accidental credential exposure in generated templates.
Audit Metadata