agile-workflow

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • COMMAND_EXECUTION (SAFE): The skill utilizes standard development tools including git and npm to manage isolated worktrees, execute test suites, and perform build verification. These operations are confined to the local project environment and the authorized remote origin.
  • PROMPT_INJECTION (SAFE): An indirect prompt injection surface is present as the skill processes external code files and review outputs. However, this is inherent to the skill's purpose as a development assistant. The instructions mitigate risk by requiring human-readable reports and adherence to project quality guidelines.
  • Evidence for Indirect Injection Surface (Category 8):
      • Ingestion points: review-output in apply-recommendations.md; source code files in review-code.md and review-tests.md.
      • Boundary markers: Absent from instructions.
      • Capability inventory: git (push, merge, commit), npm (test, build, lint).
      • Sanitization: Not explicitly implemented; relies on logic-based triage and manual review checkpoints.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:32 PM