skill-authoring-workflow

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • COMMAND_EXECUTION (SAFE): The skill instructs the agent to run scripts from the local repository (e.g., ./scripts/add-a-skill.sh, ./scripts/test-a-skill.sh) to automate development tasks. These operations are confined to the local environment and are standard for a workflow-type skill.
  • INDIRECT_PROMPT_INJECTION (SAFE): The skill ingests untrusted data from research notes; the audit traced that data through the following validation sequence and rated it secure:
    1. Ingestion points: Phase 2 research framework files.
    2. Boundary markers: absent (the ingested notes are not delimited from the skill's own instructions).
    3. Capability inventory: local script execution and file writing.
    4. Sanitization: mandatory smoke tests and metadata validation in Phase 4.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:43 PM