Skills
skills/itallstartedwithaidea/agent-skills/parallel-agent-orchestration/Gen Agent Trust Hub

parallel-agent-orchestration

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implements an orchestration pattern where subtasks and contexts are passed to multiple subagents. This creates a surface for indirect prompt injection where instructions embedded in processed data (such as file content during code reviews or campaign metrics during audits) could influence agent behavior.
  • Ingestion points: TaskDecomposer.decompose and ParallelOrchestrator.execute in SKILL.md process task descriptions and context objects.
  • Boundary markers: Absent; the provided implementation does not include delimiters or instructions to ignore embedded commands in the subtasks.
  • Capability inventory: ParallelOrchestrator.execute in SKILL.md dispatches work to agents via agent.execute which can perform operations like account audits, code reviews, or generic execution based on potentially untrusted input.
  • Sanitization: No input validation or filtering is implemented before passing data to subagents.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 12, 2026, 07:04 PM