skills/wcof/pmskill/pm-flow/Gen Agent Trust Hub

pm-flow

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: No malicious injection patterns or attempts to override agent behavior were found. The instructions are focused on structured extraction of process steps.
  • [DATA_EXFILTRATION]: The skill reads from "docs/pm-context/pm-context.md" and writes to paths like "docs/pm-context/sketch/flow.md". All file operations are localized to the project directory, and no network operations are present.
  • [COMMAND_EXECUTION]: No shell commands, system calls, or administrative privilege requests were detected.
  • [EXTERNAL_DOWNLOADS]: The skill does not download external scripts, tools, or dependencies at runtime.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes content from an external file ("docs/pm-context/pm-context.md"). While this represents an ingestion point for untrusted data, the risk is low as the skill's operations are restricted to extracting specific business logic into Mermaid diagram syntax without executing the content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 01:09 AM
Security Audit — agent-trust-hub — pm-flow