Skills
skills/duc01226/easyplatform/workflow-sprint-retro/Gen Agent Trust Hub

workflow-sprint-retro

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user input directly as context for its internal workflow logic.
  • Ingestion points: User input is passed as context to the /workflow-start command in SKILL.md.
  • Boundary markers: The skill does not use delimiters or isolation instructions to distinguish between its own logic and the data provided in the user prompt.
  • Capability inventory: The skill triggers several workflow management commands including /workflow-start, /status, /retro, and /workflow-end.
  • Sanitization: There is no evidence of sanitization, escaping, or validation of the user's input before it is utilized by the agent commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 07:25 AM