sub-agent-creator
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill utilizes standard shell commands (ls, find) to locate existing skills and documentation to assist in sub-agent design.
- [SAFE]: Agent configuration files are created within the project's local .claude/agents/ directory, following the platform's standard architectural patterns.
- [SAFE]: A local Python script (scripts/validate_agent.py) is included to validate the formatting and structure of the generated agent files. The script uses safe standard library functions and performs no network or external operations.
- [PROMPT_INJECTION]: The skill processes user-provided input to generate system prompts for new agents, representing a surface for indirect prompt injection.
  1. Ingestion points: User input is collected via the AskUserQuestion tool to define agent parameters and persona in SKILL.md.
  2. Boundary markers: Generated agents use YAML frontmatter delimiters to separate metadata from the prompt body.
  3. Capability inventory: The skill performs file system reads (ls, find), file writes to the agents directory, and local Python execution (validate_agent.py). Additionally, generated sub-agents inherit all tools by default.
  4. Sanitization: The included validation script (scripts/validate_agent.py) programmatically enforces naming conventions and formatting rules on the generated output.
Audit Metadata