workflow-runner
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill suggests cloning the 'agency-agents-zh' repository from GitHub (github.com/jnMetaCode/agency-agents-zh.git) or installing it via npm to provide the necessary role definitions. These resources are managed by the skill's author and are used for standard configuration.
- [COMMAND_EXECUTION]: Uses basic shell commands (e.g., 'test -d') to locate the directory containing agent role definitions on the local file system. This is a routine operation for configuration discovery.
- [PROMPT_INJECTION]: The skill builds prompts for sub-agents by reading content from external YAML and Markdown files. While this creates a surface for indirect prompt injection, it is the primary intended function of the skill to process user-defined or local workflow files. The instructions prioritize following the roles defined in these local files.
Audit Metadata