ask
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's behavior matches its stated purpose and does not exhibit any high-risk behaviors or hidden commands.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it ingests user-provided text through the $ARGUMENTS variable and passes it to a sub-agent without sanitization. * Ingestion points: The $ARGUMENTS variable in SKILL.md. * Boundary markers: No delimiters or protective instructions are used to separate user input from system instructions. * Capability inventory: The skill calls the Task tool with subagent_type='consultant:consultant'. * Sanitization: No filtering or validation of the input is performed before processing.
Audit Metadata