workflow-design
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses strong directives such as 'IMPORTANT', 'MUST', and 'Do NOT skip any step' to enforce its execution flow. While meant for workflow coordination, these patterns can be used to attempt to override standard agent behavior.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface: The skill ingests the user's prompt as context for the /workflow-start command without boundary markers or sanitization.
- Ingestion points: User prompt used in SKILL.md.
- Boundary markers: Absent; user input is interpolated directly without delimiters to prevent instruction leakage.
- Capability inventory: The skill triggers a chain of commands including /design-spec, /interface-design, /frontend-design, /code-review, and /workflow-end.
- Sanitization: Absent; no evidence of input validation or escaping before processing.
Audit Metadata