swarm-patterns

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The 'Research + Implementation' pattern (Pattern 4) demonstrates direct interpolation of sub-agent output into the prompt of a downstream agent, which creates an indirect prompt injection surface.
      • Ingestion points: The variable research.content in SKILL.md is used to build a prompt for a subsequent Agent call.
      • Boundary markers: The code example lacks delimiters or boundary markers to separate the untrusted research content from the main instructions.
      • Capability inventory: The pattern utilizes the Agent tool to spawn sub-agents with broad task-execution capabilities.
      • Sanitization: No validation, escaping, or filtering of the sub-agent output is shown before it is used in the prompt.
  • [PROMPT_INJECTION]: Swarm workers in Pattern 3 and Pattern 6 are instructed to ingest data from the TaskList, which represents another indirect prompt injection surface if task descriptions are sourced from untrusted inputs.
      • Ingestion points: TaskList data ingested by swarm workers in SKILL.md.
      • Boundary markers: Absent in worker prompts.
      • Capability inventory: Workers use TaskUpdate and Agent tools.
      • Sanitization: No sanitization of task content is mentioned.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 08:40 AM