gsd-remove-workspace
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs file system modifications and executes Git commands for workspace cleanup. This is the intended primary function for managing project environments.
- [PROMPT_INJECTION]: The skill processes external user input as workspace names, which are then passed into a workflow context, creating a surface for indirect prompt injection.
- Ingestion points: User input captured in the {{GSD_ARGS}} variable.
- Boundary markers: No clear delimiters or safety instructions are used to isolate user input from the workflow logic.
- Capability inventory: Includes the ability to delete directories and modify Git repository state via worktree removal.
- Sanitization: There is no evidence of input validation or sanitization for the workspace name provided by the user.
Audit Metadata