task-development-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE NO_CODE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill processes untrusted data at two key points: user requirements during Phase 1 (Clarification) and reviewer feedback during Phase 6 (PR Feedback). While explicit boundary markers are absent, the workflow mandates human approval gates before planning (Phase 2) and before merging (Phase 7), which effectively mitigates the risk of autonomous execution of injected instructions.
- [Metadata Poisoning] (SAFE): Metadata in _meta.json and the YAML frontmatter of SKILL.md accurately reflect the tool's purpose. No deceptive instructions or hidden malicious content were found in the description or author fields.
- [Data Exposure & Exfiltration] (SAFE): There are no commands or instructions for accessing sensitive local files, environment variables, or hardcoded credentials. No unauthorized network activity is initiated.
- [Remote Code Execution] (SAFE): No remote script downloads or piped shell executions (e.g., curl | bash) are present. The skill does not include any external dependencies.
- [No Code] (SAFE): The skill is composed entirely of instructional Markdown and structured JSON metadata. No executable code (.py, .js, .sh) or binaries are included in the skill package.
Audit Metadata