create-workflow
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user input to generate file content, which represents an indirect prompt injection surface. Evidence: 1. Ingestion points: User-provided resource definitions and content descriptions. 2. Boundary markers: Absent; templates do not isolate user input from code/data structures. 3. Capability inventory: File-write operations to various subdirectories within the project source. 4. Sanitization: No input validation is performed before file generation.
- [COMMAND_EXECUTION]: The skill facilitates dynamic code and configuration generation (e.g., index.tsx and designToken.json) based on user requirements. This behavior is consistent with the skill's primary function of resource creation.
Audit Metadata