implement-automation-checklist
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing data from an external source (the design scheme from
assess-automation-checklist) to influence code generation and verification tasks.\n - Ingestion points:
SKILL.md(Step 1: "读取assess-automation-checklist输出的设计方案").\n - Boundary markers: Absent; the instructions do not define delimiters or markers to isolate the external content from the agent's internal logic.\n
- Capability inventory: The skill involves writing executable TypeScript files to the filesystem and running them for integration testing.\n
- Sanitization: Absent; no validation or sanitization of the input design scheme is mentioned.\n- [COMMAND_EXECUTION]: The skill facilitates the creation and execution of code within the local environment as part of its primary function.\n
- Evidence:
workflow.mddescribes the generation of an executablechecker/project structure, andchecklist.mdinstructs the agent to verify that the script is "runnable in target project."
Audit Metadata