parallel-agent-spawner
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- Prompt Injection (LOW): Potential for indirect prompt injection via user-provided task descriptions. Evidence: (1) Ingestion points: 'tasks' parameter in 'spawn_parallel' method within SKILL.md. (2) Boundary markers: No delimiters or 'ignore instructions' warnings are documented. (3) Capability inventory: Spawning agents for implementation, testing, and code merging. (4) Sanitization: No sanitization or input validation mentioned for task strings.
- Command Execution (LOW): The functional design involves orchestrating agents to run E2E tests and perform git merge operations, which requires shell command execution capabilities.