feature-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): The workflow instructions are benign and follow standard software development practices. No attempts at obfuscation, data exfiltration, or unauthorized command execution were found.\n- Indirect Prompt Injection (SAFE): The skill processes external data from user requests and the existing codebase. While this presents an ingestion surface, the risk is mitigated by the required user confirmation steps (Steps 3 and 5) and the creation of a formal plan before implementation.\n
- Ingestion points: User feature requests in the clarify/confirm steps and existing files during research.\n
- Boundary markers: No specific delimiters are mandated, but the workflow uses a structured 'Feature File' to isolate plans.\n
- Capability inventory: Writing documentation to 'docs/features/', executing 'quality gates' (testing/linting), and performing git commits.\n
- Sanitization: The agent is instructed to present the plan for confirmation, providing a human-in-the-loop sanitization mechanism.
Audit Metadata