workflow-feature-docs
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses emphatic and non-standard phrasing like "IMPORTANT MUST ATTENTION" and "[BLOCKING]" to enforce strict adherence to workflow steps. These instructions are designed to prevent the agent from skipping validation gates rather than bypassing core safety filters.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by design, as it processes user prompts as context for a workflow that has file manipulation and task management capabilities.
- Ingestion points: The user prompt is ingested via the
/workflow-startcommand to provide context for the documentation process in SKILL.md. - Boundary markers: No specific delimiters or "ignore previous instructions" guards are implemented to separate user content from the workflow's template requirements.
- Capability inventory: The workflow enables the agent to perform file system analysis (
/scout,/investigate), generate tasks (TaskCreate), and modify documentation files (/docs-update). - Sanitization: No input validation or content filtering mechanisms are defined to sanitize user-provided context before it influences tool usage.
Audit Metadata