retrospective-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill includes shell scripts (`gather-retro-metrics.sh`, `init-retrospective.sh`, `validate-retro.sh`) that run local commands like `git` and `npm test`. While functional for gathering metrics, this involves executing project-defined test scripts.
- [PROMPT_INJECTION] (LOW): The facilitation prompt exhibits a surface for indirect prompt injection by ingesting external project data.
  - Ingestion points: The agent reads `story-tracker.md`, `delegation/*.md`, `completion-reports/*.md`, and `checklists/*.md`.
  - Boundary markers: Absent; the prompt does not use delimiters or instructions to ignore embedded commands in the source files.
  - Capability inventory: The agent can execute local scripts (`validate-retro.sh`) and write files (`retro.md`, `handoff.yml`).
  - Sanitization: No escaping or validation of the ingested file content is performed.
Audit Metadata