flow-shared
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides shared documentation and prompts for orchestrating development tasks. It does not include standalone scripts or executable binaries. Its core purpose is to guide subagents through a controlled coding process.
- [EXTERNAL_DOWNLOADS]: In
worktree-setup.md, the skill describes environment setup using standard package managers (npm, pip, cargo, go) when relevant project files are detected. These are standard developer operations performed against official package registries and do not involve untrusted sources. - [COMMAND_EXECUTION]: The orchestrator is instructed to use standard Git commands to manage feature branches and isolated work environments (worktrees). All commands are restricted to the local repository context and serve the intended purpose of the development workflow.
- [PROMPT_INJECTION]: The skill uses strong directives such as 'Hard gate', 'Forbidden', and 'Iron Law' to enforce process integrity. These are functional constraints for the AI agent to follow a specific workflow and do not represent attempts to bypass safety filters or extract system prompts.
Audit Metadata