skills/ibrahim-3d/conductor-orchestrator-superpowers/subagent-driven-development/Gen Agent Trust Hub
subagent-driven-development
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external implementation plans, creating a surface for indirect prompt injection where instructions within a plan could potentially influence subagent behavior.
- Ingestion points: SKILL.md describes reading external plan files (e.g., docs/plans/feature-plan.md) to extract task descriptions.
- Boundary markers: Present in implementer-prompt.md and spec-reviewer-prompt.md using markdown headers to isolate task data.
- Capability inventory: implementer-prompt.md grants subagents capabilities to modify files and perform git commits.
- Sanitization: Absent; the skill does not perform explicit sanitization of plan content before interpolation.
Audit Metadata