subagent-driven-development
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): No instructions designed to override system prompts, bypass safety filters, or ignore previous constraints were detected within the workflow.
- [Data Exposure & Exfiltration] (SAFE): The skill does not include commands to read sensitive files (e.g., credentials, SSH keys) or transmit data to external network destinations.
- [Remote Code Execution] (SAFE): There are no patterns for downloading external scripts via curl/wget or installing unverified packages from remote registries.
- [Persistence & Privilege Escalation] (SAFE): No instructions were found that attempt to modify shell profiles, install background services, or use sudo for elevated permissions.
- [No Code] (SAFE): The skill consists entirely of markdown-based process documentation and does not include any executable Python, Node.js, or shell scripts.
Audit Metadata