workflow-deployment
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-supplied input as context for the deployment workflow without using boundary markers. This creates an indirect prompt injection surface where external instructions could influence high-privilege operations.\n
- Ingestion points: User prompt passed to
/workflow-startinSKILL.md.\n - Boundary markers: No delimiters or ignore-instructions warnings are used.\n
- Capability inventory: Workflow includes Docker, Kubernetes, and CI/CD operations via commands like
/code,/test, and/sre-review.\n - Sanitization: No sanitization or validation of user input is described.
Audit Metadata