team-builder

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill reads local markdown files and uses their content as prompts for sub-agents, creating an indirect prompt injection surface.
    • Ingestion points: Reads files from ./agents/ and ~/.claude/agents/.
    • Boundary markers: None; the agent file content is interpolated directly into the prompt.
    • Capability inventory: Spawns sub-agents using the Agent tool to execute task-specific logic.
    • Sanitization: None.
  • [COMMAND_EXECUTION]: The skill uses the Agent tool to execute personas discovered in markdown files. This is the intended behavior of the orchestrator.
  • [SAFE]: No malicious obfuscation, hardcoded credentials, unauthorized network exfiltration, or persistence mechanisms were detected. File access is confined to directories intended for agent personas.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 08:52 PM