multi-agent-architecture

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill consists of documentation, architectural diagrams, and configuration examples. It does not include any executable code, scripts, or binary files.
  • [COMMAND_EXECUTION]: Configuration templates for the 'News Agent' and 'Code Agent' include the 'exec' tool, which allows agents to run system commands. While this is a standard feature of the described framework, users should be aware of the high privileges granted to these sub-agents.
  • [PROMPT_INJECTION]: The 'Intelligent Spawn System' documentation describes a workflow that is susceptible to indirect prompt injection.
    1. Ingestion points: User input is received by the Main Agent and passed to sub-agents via the 'task' parameter in 'sessions_spawn'.
    2. Boundary markers: The documentation does not specify the use of delimiters or 'ignore' instructions for the sub-agents.
    3. Capability inventory: Sub-agents are configured with powerful tools including 'exec', 'read', and 'write'.
    4. Sanitization: No sanitization or validation of the user-provided task string is described.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 07:56 AM