pipeline-scaffolder
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as a structural build engine. Its use of the Bash tool for script syntax validation (using ast.parse) and ADR hash verification is consistent with its role as a code generator and involves only local, deterministic operations. The skill enforces adherence to architecture rules and requires a validated Pipeline Spec JSON as input, reducing the risk of ad-hoc or malformed configurations.
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection because it consumes external data from a Pipeline Spec JSON to populate instruction fields in generated agents and skills. This is mitigated by the highly structured nature of the JSON schema, the enforcement of rigid templates (AGENT_TEMPLATE_V2 and generated-skill-template), and the absence of LLM execution within the generated validation scripts.
Audit Metadata