release-testing-workflow

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes several Python helper scripts in the scripts/ directory that use subprocess.call() to run local commands. These scripts perform file format conversion and invoke commands by fixed internal paths with explicit argument lists, which is a standard and safe design pattern.
  • [PROMPT_INJECTION]: As a tool designed to analyze external project documentation, the skill is inherently exposed to indirect prompt injection from the data it processes.
      • Ingestion points: Untrusted data enters via requirements, user stories, and design documents processed by the prompts in the prompts/ folder (e.g., requirements-analysis.md).
      • Boundary markers: The prompts use Markdown headers to organize the workflow, but they do not implement strict sandbox delimiters for user-provided content.
      • Capability inventory: The agent can read and write local files and execute the internal Python scripts to transform data.
      • Sanitization: Input data is processed as natural language without programmatic sanitization, relying on the underlying model's safety constraints.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 09:00 AM
Security Audit — agent-trust-hub — release-testing-workflow