gsd-list-workspaces
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns detected. The skill operates on local directories and files consistent with its described purpose of workspace management.
- [PROMPT_INJECTION]: Potential surface for indirect prompt injection as the skill reads manifest data from WORKSPACE.md files in the user directory.
- Ingestion points: Workspace manifest files (WORKSPACE.md) in ~/gsd-workspaces/ (SKILL.md).
- Boundary markers: None identified.
- Capability inventory: Generating a summary table for display (SKILL.md).
- Sanitization: None identified.
- [COMMAND_EXECUTION]: The skill executes a workflow defined in a local file path (@/mnt/local-analysis/workspace-hub/.codex/get-shit-done/workflows/list-workspaces.md), which is part of the intended modular architecture of the system.
Audit Metadata