workflow-release-prep

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions utilize repetitive 'IMPORTANT MUST ATTENTION' prefixes to forcefully direct the agent's behavior and task creation logic.
  • [PROMPT_INJECTION]: The skill implements an indirect prompt injection surface by passing user-supplied prompt data directly into the /workflow-start command.
      • Ingestion points: User prompt input in SKILL.md.
      • Boundary markers: No delimiters or ignore instructions are provided to separate user content from the workflow command.
      • Capability inventory: Execution of workflow management commands (/workflow-start, /sre-review) and the TaskCreate tool.
      • Sanitization: No input validation or escaping mechanisms are present to handle user-controlled context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 29, 2026, 09:18 AM