subagent-driven-development
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No override instructions, bypass attempts, or system prompt extraction patterns were found. The 'CRITICAL: Do Not Trust the Report' section in the reviewer prompt is a valid architectural safety instruction for subagent verification.
- [DATA_EXFILTRATION]: No sensitive file access or network operations to untrusted domains were detected. The skill focuses on local development tasks like testing and committing code.
- [REMOTE_CODE_EXECUTION]: The skill does not perform external downloads, package installations, or remote script executions. It relies on internal tools ('superpowers' suite) and standard development commands.
- [COMMAND_EXECUTION]: Subagent commands are restricted to implementation and testing tasks within the provided workspace. No unauthorized privilege escalation or persistence mechanisms were found.
Audit Metadata