subagent-driven-development
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No malicious instructions designed to bypass safety filters or extract system prompts were found. Role-specific directives like 'Do Not Trust the Report' in the spec-reviewer-prompt are used for task-specific role-playing and do not constitute malicious injection attacks.\n- [EXTERNAL_DOWNLOADS]: The skill does not download external scripts or packages. All referenced tools, such as git-worktrees and code-reviewer, are internal capabilities within the framework.\n- [REMOTE_CODE_EXECUTION]: No remote code execution patterns or unverified script downloads were detected.\n- [DATA_EXFILTRATION]: No evidence of data exposure or network-based exfiltration of sensitive information was found.\n- [SAFE]: The skill represents a legitimate automation pattern for software development, focusing on isolation and verification to maintain code quality.
Audit Metadata