swarm-planner
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Prompt Injection] (LOW): The skill has an indirect prompt injection surface. Ingestion points: Codebase files (Step 1) and external library documentation (Step 2). Boundary markers: No delimiters or warnings are used when passing ingested data to subagents or plan files. Capability inventory: File writing and subagent spawning. Sanitization: No evidence of data validation or sanitization.
- [No Code] (SAFE): The skill consists of a single markdown file with instructions and no executable scripts.
Audit Metadata