lfg
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill acts as an orchestrator for internal engineering tools (slash commands) to manage workflows and browser testing.
- [PROMPT_INJECTION]: No instructions aimed at overriding system prompts, bypassing safety protocols, or extracting system information were detected.
- [DATA_EXFILTRATION]: The skill does not access sensitive local files (like SSH keys or environment variables) and contains no network-based exfiltration patterns.
- [INDIRECT_PROMPT_INJECTION]: The skill provides an interface for processing user-supplied feature descriptions through the
$ARGUMENTSvariable. - Ingestion points: User input from
$ARGUMENTSis passed directly to the/workflows:plancommand inSKILL.md. - Boundary markers: None present.
- Capability inventory: The skill triggers engineering workflow commands and browser verification tools.
- Sanitization: Input is processed as-is by the subsequent command without explicit sanitization.
Audit Metadata