app-development-workflow
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONNO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands (
git logandls) to provide the agent with project context, such as recent commit history and the presence of project files (Xcode projects or Swift packages). These are read-only operations that are directly aligned with the skill's primary purpose of development workflow management. - [NO_CODE]: The skill is primarily composed of Markdown documentation and command orchestration instructions. It does not include any embedded scripts, binary executables, or external logic files.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface through the ingestion of project metadata.
- Ingestion points: Project context is gathered from the local environment via the
!git logand!lscommands inSKILL.md. - Boundary markers: Absent; command output is presented to the agent without specific delimiters or instructions to ignore embedded commands.
- Capability inventory: The workflow refers to capabilities for file modification, project scaffolding, building, and testing provided by other skills in the toolkit (e.g.,
/build,/test,/scaffold-project). - Sanitization: None; raw command output is passed to the agent. This is considered a low-risk vulnerability surface given the intended development use case.
Audit Metadata