Skills
skills/duc01226/easyplatform/workflow-test-spec-update/Gen Agent Trust Hub

workflow-test-spec-update

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implements a workflow that ingests untrusted user input and passes it as context to a sequence of automated commands.
  • Ingestion points: The entire user prompt is used as the execution context for the test-spec-update workflow.
  • Boundary markers: There are no delimiters (like triple quotes or XML tags) or system instructions provided to the agent to treat the user input as data rather than instructions.
  • Capability inventory: The workflow executes steps including /test and /integration-test, which typically involve shell command execution and code evaluation.
  • Sanitization: The skill does not describe any validation or sanitization of the user prompt before passing it to the workflow tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 07:24 AM
Security Audit — agent-trust-hub — workflow-test-spec-update