artifact-lifecycle
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill manages the lifecycle of instructions and code (skills, agents, hooks), creating a surface for indirect prompt injection if an attacker can manipulate the source files or input to the lifecycle process.\n
- Ingestion points: Artifact definitions and user-provided specifications are read from the filesystem via Read and Glob tools as described in Phase 1 (Discovery) of the workflow.\n
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the processed artifacts are defined in the skill logic.\n
- Capability inventory: The skill utilizes high-privilege tools including Bash, Write, and Edit that could be leveraged if injected instructions are executed by the agent.\n
- Sanitization: No specific validation, filtering, or content escaping mechanisms are implemented within the provided scripts or workflow instructions.
Audit Metadata