subagent-driven-development
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and process implementation plans, which serves as a potential surface for indirect prompt injection. However, the risk is mitigated by the multi-agent review structure.
  - Ingestion points: External implementation plan tasks are extracted and provided to subagents via the implementer-prompt.md and spec-reviewer-prompt.md templates.
  - Boundary markers: The templates use Markdown headers to separate instructions from the plan content.
  - Capability inventory: Subagents are tasked with writing code, running tests, and committing changes.
  - Sanitization: No explicit sanitization of the input text is performed before interpolation.
- [NO_CODE]: The skill does not contain any executable scripts, binaries, or complex automation logic, consisting solely of Markdown instructions and prompt templates.
Audit Metadata