workflow-visualizer

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE

Findings: DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXPOSURE]: The skill instructions direct the agent to scan sensitive local directories and files to aggregate system data for visualization. Evidence includes:
      ◦ Scanning ~/Coding/skills/ for installed components.
      ◦ Accessing BUSINESS_CONTEXT.md and README.md files, which may contain sensitive business logic or internal descriptions.
      ◦ Accessing "Recent task / chat history if accessible," which exposes the content of previous user interactions.
  • [COMMAND_EXECUTION]: To gather the necessary data for the diagram, the agent must perform broad directory listings and file read operations across the file system.
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) because it ingests and processes data from external, potentially untrusted sources.
      ◦ Ingestion points: Reads content from BUSINESS_CONTEXT.md, README.md, and recent chat/task history.
      ◦ Boundary markers: The instructions do not specify the use of delimiters or 'ignore' warnings for the data being ingested.
      ◦ Capability inventory: The skill has the capability to read files, scan directories, and write output to both HTML and Markdown files.
      ◦ Sanitization: There are no instructions provided for sanitizing or escaping the content gathered from project files before it is processed or rendered into the HTML diagram.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 08:20 PM