workflow-mastery
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill recommends automating workflows by configuring
PostToolUsehooks in the environment settings to executedotnet formatautomatically and pre-authorizing standarddotnetCLI commands (such asbuild,test,run, andef) to streamline the development process and reduce manual approval prompts. - [PROMPT_INJECTION]: The patterns described for the 'Verification Loop' and specialized 'Subagents' involve the agent processing project source code, build logs, and test outputs. This configuration represents an inherent surface for indirect prompt injection, where adversarial instructions embedded in data could attempt to influence agent behavior.
- Ingestion points: Project source code, build diagnostics, and test results referenced in the verification pipeline (SKILL.md).
- Boundary markers: None identified; the skill does not suggest specific delimiters or instructions to ignore embedded directions in processed data.
- Capability inventory: Shell command execution via the
dotnetCLI (SKILL.md). - Sanitization: None identified; the skill focuses on workflow efficiency rather than data sanitization or input validation.
Audit Metadata