write-flow

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE

COMMAND_EXECUTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to execute several wmill CLI commands, including wmill flow new, wmill flow preview, and wmill generate-metadata. These are official development tools from Windmill Labs.
  • [PROMPT_INJECTION]: The skill includes instructions to skip confirmation offers if the user has already expressed clear intent (e.g., 'If the user already asked to test... skip the offer and just execute'). While this increases agent autonomy, it is guided by explicit user requests and does not attempt to conceal malicious behavior or bypass safety guardrails.
  • [DATA_EXFILTRATION]: The skill specifically warns the agent against auto-deploying changes, instructing it to only name the deployment command (wmill sync push) so the user can manually approve it, preventing unauthorized or accidental publication of data.

Audit Metadata
  Risk Level: SAFE
  Analyzed: Jun 22, 2026, 08:36 AM