workflow
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection vulnerability surface through its handling of user-defined tasks. \n
- Ingestion points: User-provided strings (e.g., in the usage examples in
SKILL.md) are passed directly as parameters to workflow commands. \n - Boundary markers: Absent. No explicit delimiters or guardrail instructions are provided in
SKILL.mdto separate user-provided data from system instructions. \n - Capability inventory: As listed in
SKILL.md, the skill is authorized to useBash,Write,Edit, andSkill(the ability to execute other agent skills). \n - Sanitization: Absent. There is no evidence of validation or sanitization of user input strings before they are processed by the orchestration logic.
Audit Metadata