writing-agent-relay-workflows
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute various shell commands for repository operations (git), package management (npm), and GitHub interactions (gh). These commands are standard for development automation and are used within a deterministic context.
- [EXTERNAL_DOWNLOADS]: The skill references several external Node.js packages (@relayflows/core, @agent-relay/config, @relayflows/github-primitive). These are vendor-owned resources associated with the AgentWorkforce ecosystem.
- [REMOTE_CODE_EXECUTION]: The skill describes a framework where agents can execute code as part of a workflow (e.g., running tests or applying fixes). This is a core feature of the development tool and includes recommended verification gates to maintain safety.
- [PROMPT_INJECTION]: While the skill involves agents reading local files (which could contain untrusted data), it implements a mandatory fresh-eyes review pattern where multiple independent agents (Claude and Codex) must review and approve changes, which significantly mitigates the risk of indirect prompt injection.
Audit Metadata