agent-team-manager

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill allows users to define and update 'system_prompt' and 'task' attributes for agents within a team. This configuration surface could be used to inject malicious instructions if the input data originates from an untrusted source.
  • Ingestion points: CLI arguments (--system-prompt, --task) and JSON input files (--agents-file) processed in scripts/agent_team_manager.py.
  • Boundary markers: None present to delimit or neutralize embedded instructions.
  • Capability inventory: The skill can read local files and perform network operations to a local API (localhost:8000).
  • Sanitization: No sanitization or validation is performed on the prompt strings before they are sent to the management API.
  • [COMMAND_EXECUTION]: The skill functions by executing a provided Python script (agent_team_manager.py) which manages team states through a local REST service.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 27, 2026, 04:33 AM