ts-workflow-prototype

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [SAFE]: The skill implements a legitimate multi-agent orchestration framework for development workflows.
  • [PROMPT_INJECTION]: The skill manages indirect prompt injection risks associated with its primary purpose. Ingestion points: Design documents and workflow logs. Capability inventory: File writing and sub-agent spawning via ts-log, ts-explore, and other tools. Boundary markers: It explicitly designates the design doc as the source of truth and uses structured templates for judge dispatches. Sanitization: Sub-agents are initiated with fresh context and specific output contracts to isolate execution.
  • [COMMAND_EXECUTION]: The skill orchestrates sub-agents by spawning and terminating processes. These activities are limited to the predefined orchestration logic and present no risks of unauthorized command execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 08:37 AM
Security Audit — agent-trust-hub — ts-workflow-prototype