dispatching-parallel-agents
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill creates a high-risk attack surface where agents ingest untrusted data with significant system capabilities. \n
- Ingestion points: Agents are instructed to read test files (e.g., src/agents/agent-tool-abort.test.ts) and subsystem logs which may contain malicious instructions. \n
- Boundary markers: Absent; no specific markers or instructions are provided to help the agent distinguish between data and instructions. \n
- Capability inventory: Sub-agents are expected to perform file writes (to fix code) and command execution (to run test suites). \n
- Sanitization: Absent; there is no guidance on sanitizing or validating external content before processing.
Recommendations
- AI detected serious security threats
Audit Metadata