team-audio
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill demonstrates a vulnerability surface for indirect prompt injection by processing external data to drive its workflow.
- Ingestion points: The skill reads design documents and asset lists from directories like design/gdd/ and assets/audio/.
- Boundary markers: There are no instructions or delimiters used to isolate the data read from files, making the agent susceptible to embedded instructions.
- Capability inventory: The agent has access to several high-privilege tools including Bash, Task, Write, and Edit, which could be misused if a processed file contains malicious directives.
- Sanitization: There is no evidence of sanitization or filtering of the content retrieved from external files before it is used to influence the agent's internal reasoning or its instructions to subagents.
Audit Metadata