workflow-testing
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: Forceful Instructional Directives. The skill utilizes authoritative language, including the terms 'IMPORTANT', 'MUST', and 'Do NOT skip', to enforce a specific sequence of actions. This pattern is characteristic of instructions intended to override an agent's standard behavior or safety guidelines to ensure compliance with a rigid workflow.\n- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill ingests the user's prompt and passes it directly to the
/workflow-start testingcommand as context, which provides an entry point for embedded instructions to influence the agent's actions.\n - Ingestion points: The user's prompt is processed and passed to a workflow trigger in
SKILL.md.\n - Boundary markers: Absent. The skill does not implement delimiters or instructions to ignore commands within the interpolated user content.\n
- Capability inventory: The skill triggers a workflow consisting of the
/workflow-start,/test, and/workflow-endcommands.\n - Sanitization: Absent. There is no evidence of validation or sanitization applied to the user input before it is used by the workflow engine.
Audit Metadata