tlaplus-workbench
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
Full Analysis
- [Command Execution] (SAFE): The skill utilizes local shell scripts (
scripts/tlc_check.shandscripts/tlc_trace_summary.sh) to interface with the TLC model checker. Analysis of the provided bash script shows secure practices, including proper variable quoting and input validation. - [Indirect Prompt Injection] (LOW): The skill ingests natural language system designs to generate formal specifications. While this creates an attack surface for indirect prompt injection, the risk is inherent to the skill's primary purpose and no evidence of exploitation or unsafe interpolation was found.
- Ingestion points: Natural-language system designs provided by the user.
- Boundary markers: None explicitly defined for input data in the prompt instructions.
- Capability inventory: Execution of shell scripts via bash and Java (TLC model checker).
- Sanitization: Not explicitly defined, though the TLA+ syntax itself provides a layer of validation through the model checker's parser.
Audit Metadata