subagent-task-execution
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and process external task breakdown documents, which serves as a vector for indirect prompt injection.
- Ingestion points: Processes 'plan or task breakdown' documents within the session context.
- Boundary markers: The prompt does not define delimiters or specific 'ignore' instructions for the content of the task breakdown.
- Capability inventory: The skill dispatches subagents with 'specialized skills' such as 'coding' and utilizes the 'TodoWrite' tool.
- Sanitization: No sanitization or validation of the input task list is mentioned or implemented.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network operations were detected.
- Remote Code Execution (SAFE): No remote script downloads or dynamic code execution patterns are present.
- Obfuscation (SAFE): No Base64 encoding, zero-width characters, or other obfuscation techniques were found.
Audit Metadata