n-version-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill implements an orchestration pattern where an agent processes data (code) generated by other sub-agents. • Ingestion points: Step 3 and Step 4 involve analyzing and testing code generated in Step 2. • Boundary markers: The instructions do not specify explicit delimiters or warnings for the analysis phase. • Capability inventory: The workflow involves spawning subprocesses and running automated tests. • Sanitization: No explicit sanitization or security-filtering steps are defined for the generated code before it is passed to the tester or reviewer agents.
- Command Execution (SAFE): The skill references spawning subprocesses and running tests. Within the context of a development-focused agent skill, these are intended functional capabilities for orchestration. No suspicious shell commands, unauthorized file access, or hardcoded malicious payloads are present.
Audit Metadata