workspace

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, NO_CODE
Full Analysis
  • Prompt Injection (SAFE): No instructions designed to override system prompts, bypass safety guidelines, or extract system instructions were detected.
  • Data Exposure & Exfiltration (SAFE): The file does not contain hardcoded credentials, sensitive file paths, or network exfiltration commands. The mentioned tool calls appear to be internal abstractions.
  • Indirect Prompt Injection (SAFE): The skill processes user input via the $ARGUMENTS placeholder and possesses the capability to modify workspace permissions.
      • Ingestion points: User input via $ARGUMENTS.
      • Boundary markers: None explicitly defined in the markdown.
      • Capability inventory: Workspace permission management (e.g., testany_assign_user_to_workspace).
      • Sanitization: Not addressed in this instructional file.
      • Assessment: While an attack surface for indirect injection exists, the static instructions themselves do not contain malicious payloads or deceptive instructions. Per guidelines, this is considered SAFE as the risk is inherent to the administrative purpose of the skill.
  • Obfuscation (SAFE): No encoded strings, zero-width characters, or homoglyphs were found.
  • Remote Code Execution & Dependencies (SAFE): No external package installations, remote script downloads, or dynamic execution patterns (eval/exec) are present.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:40 PM