workflow-performance
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests untrusted user input to drive an automated multi-step workflow.
- Ingestion points: The user's prompt is used directly as context for the
performanceworkflow (SKILL.md). - Boundary markers: No delimiters or explicit instructions are provided to the agent to treat user input as data rather than instructions.
- Capability inventory: The workflow triggers several high-capability actions including
/investigate,/plan, and/codewhich involve file system interaction and code modification. - Sanitization: The skill does not implement any validation or sanitization of the input context to prevent the execution of instructions embedded within the user prompt.
Audit Metadata