workflow-pm-reporting
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses repetitive and forceful language such as "IMPORTANT MUST ATTENTION" and "NEVER batch-complete" to ensure the agent follows a rigid workflow. These instructions are directed at task completion logic and do not aim to override safety protocols or elicit restricted behavior.
- [PROMPT_INJECTION]: The skill ingests user input to drive a multi-step workflow, creating a potential surface for indirect prompt injection.
- Ingestion points: The user's prompt is passed as context to the
/workflow-startcommand inSKILL.md. - Boundary markers: No delimiters or specific markers are defined to isolate the user input from the skill's instructions.
- Capability inventory: The skill uses
TaskCreateand workflow management tools (/status,/dependency); it does not exhibit dangerous capabilities like arbitrary code execution or file system modification. - Sanitization: There is no evidence of sanitization or validation of the input prompt, though the risk is mitigated by the limited scope of the reporting tools.
Audit Metadata