ziniao-workflow-batch-account
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documents a legitimate administrative workflow for assigning store permissions to staff members using the vendor-provided
ziniao-clitool. No evidence of malicious intent, data exfiltration, or unauthorized command execution was found. - [SAFE]: The 'CRITICAL' instruction at the beginning of the file is a procedural requirement directing the agent to load shared context from a local relative path (
../ziniao-shared/SKILL.md). This is a standard pattern for modular skill designs and does not constitute a prompt injection or safety bypass attempt. - [SAFE]: Data handling within the workflow (reading staff and account IDs to perform authorization) follows the primary purpose of the skill. While this creates a data ingestion surface, the operations are limited to the vendor's API and do not involve unsafe dynamic code execution.
Audit Metadata