workflow-dev-qa-handoff
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill contains instructional markers like 'IMPORTANT' and 'You MUST' to ensure the agent adheres to the defined workflow sequence. This is a functional requirement for process automation and does not represent an attempt to bypass safety guidelines.
- [PROMPT_INJECTION]: The skill accepts the user's prompt as context for the workflow, creating a potential surface for indirect prompt injection. \n
- Ingestion points: User prompt input (SKILL.md) \n
- Boundary markers: Absent \n
- Capability inventory: Internal workflow management commands (/workflow-start, /handoff, /test-spec, /workflow-end) \n
- Sanitization: Absent. Given the restricted nature of the workflow commands, this surface is considered low risk.
- [COMMAND_EXECUTION]: The skill uses slash commands to trigger workflows. These are high-level platform abstractions for task coordination rather than direct access to a shell or operating system commands.
- [DATA_EXFILTRATION]: No network operations or sensitive file access patterns were identified. The skill only processes the user's provided context locally within the workflow context.
Audit Metadata