dev-workflow-planning

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE (categories: COMMAND_EXECUTION, PROMPT_INJECTION)

Full Analysis
  • [SAFE]: The skill defines organizational best practices and structured workflows for software development tasks, emphasizing documentation and methodical execution.
  • [COMMAND_EXECUTION]: The agent is instructed to use standard development utilities (git, npm, npx, grep) and local repository scripts. These operations are protected by a 'Shell Safety Gate' and 'Command Preflight Protocol' designed to prevent command errors and environment instability.
  • [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection through its requirement to read local project documentation and plans.
    1. Ingestion points: Instructions in the 'Proactive Plan-Doc Reading' section of SKILL.md direct the agent to load files from directories like docs/redesign/ or docs/product/.
    2. Boundary markers: The skill does not explicitly define delimiters for this ingested content.
    3. Capability inventory: The skill utilizes shell command execution and file system access for development tasks.
    4. Sanitization: The skill mitigates risks through mandatory pre-execution verification (e.g., checking paths with 'test -e' and validating tool flags) rather than string-based sanitization.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 13, 2026, 04:23 AM