workflow-management
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection Surface (LOW): The skill guides the creation of workflows that ingest external data from sources like social media and car registration databases. This represents an attack surface where untrusted data could influence agent behavior.
- Ingestion points: Workflow files in
apps/api/src/lib/workflows/. - Boundary markers: None explicitly mentioned in the code templates.
- Capability inventory: Read, Edit, Write, Bash, Grep, Glob.
- Sanitization: Not explicitly detailed in the snippets; relies on application-level implementation.
- Command Execution (SAFE): Use of the Bash tool is limited to standard development operations such as running tests (
pnpm test) and triggering local endpoints (curl). - Sensitive Data Awareness (SAFE): The skill documents the requirement for sensitive environment variables (e.g.,
DATABASE_URL,QSTASH_TOKEN) but does not contain hardcoded secrets.
Audit Metadata