workflow-pre-development
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses imperative language ('MUST', 'Do NOT skip') to strictly enforce a specific sequence of actions, which can be used to override default agent behavior.
- [PROMPT_INJECTION]: The skill processes user-supplied input by passing the user's prompt as context to the '/workflow-start' command. This represents an ingestion point for untrusted data that could contain malicious instructions.
- Ingestion points: The user prompt is passed to the '/workflow-start' command in 'SKILL.md'.
- Boundary markers: No boundary markers or delimiters are used to isolate the user's prompt from the command context.
- Capability inventory: The skill triggers a sequence of additional commands ('/quality-gate', '/plan', '/plan-review', '/plan-validate') based on the input.
- Sanitization: There is no evidence of sanitization or validation of the input before it is used in the workflow sequence.
Audit Metadata