shell-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): The file contains purely instructional documentation for shell script workflows. There are no attempts to override agent behavior, bypass safety filters, or extract system prompts.
- [DATA_EXFILTRATION] (SAFE): No sensitive file paths, credential patterns, or network communication commands are present. The examples use standard temporary file creation (`mktemp`) and local directory operations.
- [REMOTE_CODE_EXECUTION] (SAFE): There are no commands that download or execute remote scripts (e.g., curl|bash). While it mentions tools like `shellcheck` and `shfmt`, it does not attempt to install them or execute them on untrusted data.
- [COMMAND_EXECUTION] (SAFE): The skill provides templates for shell scripts but does not execute them. The recommended practices, such as using `set -euo pipefail` and proper variable quoting, actually mitigate common shell script vulnerabilities.
- [INDIRECT_PROMPT_INJECTION] (SAFE): While the skill defines how to process data, it explicitly mandates input validation and quoting, which are primary defenses against injection attacks in shell environments.
Audit Metadata