workflow-automation
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes configuration files and environment variables to automate tasks.
- Ingestion points: Reads
package.json,Makefile, and environment variables indev-setup.shanddeploy.sh. - Boundary markers: No explicit markers are used to isolate content from these files when processed by the agent.
- Capability inventory: The skill uses the Bash tool to execute shell scripts and performs remote commands via SSH in
scripts/deploy.sh. - Sanitization: No explicit sanitization of configuration file content is performed prior to execution.
- [COMMAND_EXECUTION]: The skill generates and executes shell scripts for development setup and deployment. This includes operations like
npm install,docker-compose, and SSH-based remote commands. These actions are standard for the skill's intended purpose of workflow automation. - [EXTERNAL_DOWNLOADS]: The skill uses well-known services and trusted organizations to manage dependencies and CI/CD pipelines. This includes using npm for package installation and official GitHub Actions for automated testing. These downloads are considered safe within the context of development automation.
Audit Metadata