agent-teams
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE | PROMPT_INJECTION | NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill establishes a multi-agent orchestration framework where sub-agents ingest and process untrusted external data (such as source code and logs) without recommending the use of protective boundary markers. This creates a surface for indirect prompt injection.
- Ingestion points: 'SKILL.md' directs teammates to audit and analyze project files and external research data.
- Boundary markers: The provided templates for role definitions do not include delimiters or instructions for sub-agents to ignore embedded natural language commands within the data they process.
- Capability inventory: Sub-agents are explicitly granted capabilities to read/write files and execute system commands.
- Sanitization: The skill lacks guidance on sanitizing file content before it is processed by the agent team.
Audit Metadata