Skills
skills/donchitos/claude-code-game-studios/team-combat/Gen Agent Trust Hub

team-combat

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill grants access to the Bash tool, which is used by subagents during the Implementation and Integration phases to execute system commands and modify the project environment.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it passes user-supplied feature descriptions through a multi-stage pipeline of subagents.
  • Ingestion points: The skill takes [combat feature description] as input, which the game-designer agent uses to write documents to design/gdd/. These documents are subsequently read and acted upon by other agents.
  • Boundary markers: The instructions lack delimiters or constraints that would prevent subagents from interpreting malicious commands embedded within the feature description as legitimate design instructions.
  • Capability inventory: Orchestrated subagents have access to powerful tools including Bash, Write, Edit, and Task.
  • Sanitization: No sanitization or validation logic is defined to inspect the user input or the generated design files before they influence code generation and execution steps.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 11:06 PM