oma-dev-workflow
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE; flagged categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads and executes the installation script for the mise tool from its official domain (https://mise.run) as part of the environment setup instructions.
- [COMMAND_EXECUTION]: Modifies the user's shell profile by appending activation logic to the .zshrc file to maintain toolchain availability.
- [COMMAND_EXECUTION]: Automatically generates executable shell scripts within the .git/hooks directory to enforce project quality standards through git hooks.
- [PROMPT_INJECTION]: Identifies a surface for indirect prompt injection where external repository data is processed (Category 8).
  - Ingestion points: Processes untrusted inputs from git commit messages, branch names, and configuration file contents (mise.toml).
  - Boundary markers: Does not utilize explicit delimiters or specialized markers when passing external data to shell-based validation tools.
  - Capability inventory: Executes shell commands via the mise task runner and performs file system writes to configure git hooks.
  - Sanitization: Relies on third-party validation tools like commitlint but lacks internal sanitization for dynamic task arguments.