Skills
skills/curiositech/some_claude_skills/dag-parallel-executor/Gen Agent Trust Hub

dag-parallel-executor

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Prompt Injection (LOW): The skill is susceptible to indirect prompt injection (Category 8). It processes task schedules from other skills and interpolates that data into agent prompts.
  • Ingestion points: The executeTask function ingests ScheduledTask objects from an external schedule.
  • Boundary markers: No explicit delimiters or boundary markers (like XML tags) are shown in the buildPromptForNode usage to isolate untrusted task content from the agent's instructions.
  • Capability inventory: The skill uses the Task tool, which has the power to spawn new agents and execute additional tasks. It also has Write and Edit permissions.
  • Sanitization: There is no evidence of sanitization or validation of the nodeId or description fields before they are passed to the sub-agent's prompt or used to determine the subagent_type.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 19, 2026, 08:36 PM