Skills
skills/ypyt1/all-skills/workflow-optimizer/Gen Agent Trust Hub

workflow-optimizer

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the Bash tool for running local scripts and analysis commands such as time ./current-workflow.sh, grep, and awk.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to the ingestion and processing of untrusted log data from the environment.
  • Ingestion points: Reads content from workflow-log.txt and timing-log.txt using the Grep and Read tools.
  • Boundary markers: No explicit boundary markers or instructions to ignore potential commands embedded within the log files are provided.
  • Capability inventory: The agent is granted access to high-privilege tools including Bash, Write, MultiEdit, and TodoWrite.
  • Sanitization: There is no evidence of input validation or sanitization applied to the data retrieved from the local logs.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 01:38 AM