workflow-execute
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's behavior aligns with its stated purpose of executing development plans. No malicious patterns were identified.\n- [COMMAND_EXECUTION]: The skill facilitates shell command execution specifically for running tests and verifying code implementation, which are standard project operations.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it reads and follows instructions from local project files such as
plan.mdandanalysis.md. This is a requirement for the skill's functionality.\n - Ingestion points: Reads content from
docs/work/*/plan.md,analysis.md, and the__prototype__/directory.\n - Boundary markers: Absent; the skill does not use specific delimiters or instructions to ignore embedded commands within the ingested files.\n
- Capability inventory: Includes file creation/modification, shell command execution (via test running), and software dependency installation.\n
- Sanitization: No validation or sanitization is performed on the content of the plan files before processing.
Audit Metadata