Skills
skills/chipagosfinest/claude-multi-agent-systems/parallel-task/Gen Agent Trust Hub

parallel-task

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): Significant surface for Indirect Prompt Injection via markdown plan files. * Ingestion points: The orchestrator reads and parses external markdown files (e.g., plan.md) specified in the user request. * Boundary markers: The Task Prompt Template lacks delimiters or 'ignore' instructions for the interpolated fields (Description, Acceptance Criteria, Validation), allowing plan content to bleed into the subagent's core instructions. * Capability inventory: Subagents are authorized to read/write local files, run validation commands (shell execution), and perform git commits. * Sanitization: No evidence of validation or sanitization of plan content before interpolation.
  • [COMMAND_EXECUTION] (LOW): The instructions for subagents to 'Run validation if feasible' based on the 'Validation' field in the plan file creates a vector for arbitrary command execution if the plan file is maliciously crafted.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:49 PM