qwen-delegation

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it is designed to read and process the contents of local files using the @path syntax or the delegation_executor.py script. Malicious content within these files could influence the agent's behavior.
      • Ingestion points: Local file paths passed to the CLI or execution script as shown in SKILL.md.
      • Boundary markers: Absent. The skill does not instruct the model to treat file content as untrusted data or use specific delimiters to isolate it from instructions.
      • Capability inventory: The skill uses qwen-cli for shell execution and delegation_executor.py for task management.
      • Sanitization: None. File contents are interpolated directly into the context.
  • [SAFE]: The skill correctly instructs users to manage sensitive credentials like QWEN_API_KEY via environment variables or CLI authentication commands, which is a standard security practice.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 07:37 AM