stack-set
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to read and follow instructions from a local file ('.agents/workflows/stack-set.md'). This constitutes an indirect prompt injection surface where untrusted data from the repository could override agent behavior.
- Ingestion points: Reference to '.agents/workflows/stack-set.md' in SKILL.md.
- Boundary markers: None provided to isolate the workflow instructions.
- Capability inventory: Implied file-system read access to process project files.
- Sanitization: No sanitization or validation of the workflow content is mentioned.
- [NO_CODE]: The analyzed skill consists only of a markdown definition file and does not include any executable scripts or binary files.
Audit Metadata