workflow-engine-mapper

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a bundled Python script (scripts/workflow_engine_mapper.py) using the Bash tool to process task parameters and generate workflow recommendations. This execution is confined to the local environment and uses standard Python libraries without external dependencies.
  • [DATA_EXPOSURE]: No evidence of sensitive data access or exfiltration was found. The script processes only provided CLI arguments and emits structured output without accessing the file system (except for its own code) or the network.
  • [PROMPT_INJECTION]: The instructions and metadata are focused on technical task mapping and do not contain attempts to override agent behavior, bypass safety filters, or extract system prompts.
  • [REMOTE_CODE_EXECUTION]: The skill operates entirely locally with no remote downloads or execution of external scripts. All logic is contained within the provided Python script, which lacks dangerous functions like eval() or exec().
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 12:02 AM
Security Audit — agent-trust-hub — workflow-engine-mapper