intelligent-routing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is subject to indirect prompt injection (Category 8) as it analyzes user input to automatically select and invoke sub-agents. Evidence Chain: 1. Ingestion points: User requests are analyzed silently in
sub-skills/1-request-analysis.mdandsub-skills/3-automatic-routing-protocol.md. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands within user requests are provided. 3. Capability inventory: The skill can auto-invoke multiple specialized agents (e.g.,@security-auditor,@backend-specialist) which may have access to tools or sensitive context. 4. Sanitization: No sanitization of input keywords is performed prior to routing decisions. - [NO_CODE] (SAFE): The skill consists entirely of Markdown documentation, Mermaid diagrams, and pseudocode for logical flow. No executable scripts (.py, .js, .sh) or remote dependencies are present.
- [EXTERNAL_DOWNLOADS] (SAFE): No external URLs or remote packages are requested or executed.
Audit Metadata