subagent-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill serves as a prompt generator for new agents, creating a surface where malicious user requirements could influence the resulting agent's behavior. 1. Ingestion points: User-provided requirements for sub-agent roles and behavior (SKILL.md). 2. Boundary markers: Absent; no delimiters are used in the generated markdown prompts. 3. Capability inventory: Generated agents can be granted access to Bash, Write, and MCP tools (references/available-tools.md). 4. Sanitization: No validation or filtering of requirements is performed before creation.
- [Command Execution] (SAFE): Includes a standard directory creation command (mkdir) in the documentation examples for project initialization purposes.
Audit Metadata