quality-workflow
Pass
Audited by Gen Agent Trust Hub on Jun 3, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute the `compose-agentsmd` command before responding to any user message as a 'session gate' in `AGENTS.md`. Additionally, the `.mwt/config.toml` file defines a verification command that executes `npx markdownlint-cli` and `compose-agentsmd`.
- [EXTERNAL_DOWNLOADS]: The `AGENTS.md` file contains instructions to install the `compose-agentsmd` tool globally via `npm install -g` if it is missing. The verification script in `.mwt/config.toml` also uses `npx --yes` to download and execute `markdownlint-cli` at runtime.
- [PROMPT_INJECTION]: The skill defines a process that is susceptible to indirect prompt injection by relying on external data sources.
  - Ingestion points: As specified in `SKILL.md`, the agent must use documentation, specifications, CLI help, and API descriptions as the source of truth for contract verification.
  - Boundary markers: The instructions lack any requirement for delimiters or warnings to ignore instructions found within these external documents.
  - Capability inventory: The agent environment allows for the execution of shell commands through the identified verification and rule management tools (`compose-agentsmd`, `npx`).
  - Sanitization: There is no requirement for the agent to sanitize or validate the external content before processing it.
Audit Metadata