working-with-subagents
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill's architecture is susceptible to Indirect Prompt Injection (Category 8).
- Evidence Chain:
- Ingestion points: The 'scout' agent (ID: agent-e91a2154-0965-4b70-8303-54458e9a1980) is explicitly designed for network exploration and API queries, which are untrusted data sources.
- Boundary markers: The prompt templates provided in the 'Deploying' section of
SKILL.mddo not include delimiters or instructions to ignore commands within the retrieved data. - Capability inventory: The 'coder' agent (ID: agent-f9b768de-e3a4-4845-9c16-d6cf2e954942) has the capability to perform 'code fixes' and 'implementations' (write-access).
- Sanitization: There is no evidence of sanitization, escaping, or validation of the external content before it is processed by the coder or memory sub-agents.
Audit Metadata