coding-workflow
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides a structured framework for coding assistance and does not perform any dangerous operations or bypass safety guidelines.
- [EXTERNAL_DOWNLOADS]: The workflow includes a provision for 'OSS reference scanning' to research architectural patterns. This involves retrieving data from reputable public sources like GitHub for informational purposes and is assessed as a standard research capability.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection due to its ingestion of external and local data. Evidence chain: (1) Ingestion points: Local project files and external OSS references are processed during the exploration phase. (2) Boundary markers: No explicit delimiters or ignore-instructions are defined for external data. (3) Capability inventory: The skill has the ability to modify local files and execute tasks via the 'dex' tool during the execution phase. (4) Sanitization: No explicit content validation is mentioned. This surface is mitigated by the mandatory human-in-the-loop requirement for explicit approval ('Ready to execute?') before any changes are applied.
- [COMMAND_EXECUTION]: The skill involves reading and modifying files as part of its core development workflow. These operations are governed by a multi-phase verification process that prevents automated or hidden command execution.
Audit Metadata