workflow-investigation
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill interpolates untrusted user input directly into the
/workflow-startcommand context without boundary markers.\n- Ingestion points: User prompt provided at runtime (SKILL.md).\n- Boundary markers (absent): No delimiters or instructions to ignore embedded instructions are present.\n- Capability inventory: Invokes the/workflow-startplatform command which triggers further codebase operations (SKILL.md).\n- Sanitization (absent): User input is passed to the workflow context without validation.
Audit Metadata