takt-workflow-builder
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides a robust framework for managing AI agent workflows through YAML configuration. No indicators of prompt injection, data exfiltration, or malicious obfuscation were found.
- [COMMAND_EXECUTION]: The skill includes a local utility script
scripts/validate-takt-files.sh. This script is used to validate the integrity and structure of generated TAKT workflow and facet files. It uses standard command-line tools (Bash, Python, Ruby) and incorporates safety practices such as passing shell variables via arguments to Python to avoid injection. This is a legitimate development utility for the skill's primary purpose. - [EXTERNAL_DOWNLOADS]: The included reference documentation describes the use of the GitHub CLI (
gh) for fetching issue metadata and managing external workflow packages. These operations are standard, user-initiated functions of the TAKT tool and are performed using official, well-known services.
Audit Metadata