red-team
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs local environment setup and coordinates with other skills through command-line invocations.
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection as it processes content from untrusted documentation and skill files through sub-agents.
  * Ingestion points: The skill reads local files from user-defined paths like `docs/` or `skills/` in Step 4 of `SKILL.md`.
  * Boundary markers: The prompt template in Step 2 uses structural headers such as `CONTEXT`, `MANDATORY CONSTRAINTS`, and `YOUR TASK` to define the data boundaries.
  * Capability inventory: The skill can spawn general-purpose sub-agents, write findings to the `.agents/` directory, and execute the `council` skill.
  * Sanitization: There is no evidence of sanitization or escaping of the target file content before it is interpolated into the prompt templates.
Audit Metadata