ts-workflow-prototype
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill implements a legitimate multi-agent orchestration framework for development workflows.
- [PROMPT_INJECTION]: The skill manages indirect prompt injection risks associated with its primary purpose. Ingestion points: Design documents and workflow logs. Capability inventory: File writing and sub-agent spawning via ts-log, ts-explore, and other tools. Boundary markers: It explicitly designates the design doc as the source of truth and uses structured templates for judge dispatches. Sanitization: Sub-agents are initiated with fresh context and specific output contracts to isolate execution.
- [COMMAND_EXECUTION]: The skill orchestrates sub-agents by spawning and terminating processes. These activities are limited to the predefined orchestration logic and present no risks of unauthorized command execution.
Audit Metadata