code-assistant
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill analyzes user-provided code and requests to select an appropriate specialist agent, which introduces a theoretical attack surface for indirect prompt injection.
- Ingestion points: The skill ingests user coding requests and code snippets during the 'Phase 1: Analysis' and 'Selection Algorithm' steps in SKILL.md.
- Boundary markers: The orchestration logic does not define explicit delimiters or instructions for the agent to ignore instructions embedded within the user-provided code (e.g., in comments).
- Capability inventory: The skill itself has no direct capabilities (no subprocess, network, or file system access), but it delegates tasks to other agents which may have such tools.
- Sanitization: There is no evidence of input sanitization or validation before the request is used to trigger specialist agent routing.
Audit Metadata