Agent Development
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the creation of AI agents by interpolating user-provided functional descriptions into a high-level "Agent Architect" system prompt (as seen in
examples/agent-creation-prompt.mdandreferences/agent-creation-system-prompt.md). This pattern is vulnerable to indirect prompt injection where an attacker-controlled description could attempt to hijack the agent generation process. - Ingestion points: User-provided descriptions are ingested into the generation template at the
[YOUR DESCRIPTION]placeholder within the agent creation templates. - Boundary markers: The templates use standard double quotes to enclose user input but do not provide explicit instructions to the model to ignore or sanitize embedded directives within that input.
- Capability inventory: The agents generated by this process are intended to have significant tool access (e.g.,
Read,Write,Bash), making the integrity of their system prompts critical to security. - Sanitization: The skill lacks automated sanitization or validation logic to filter out adversarial prompt injection patterns from the input descriptions before they are used to generate agent configurations.
Audit Metadata