NYC

generate-subsystem-skills

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • PROMPT_INJECTION (LOW): The skill exhibits a surface for Indirect Prompt Injection (Category 8) because it processes untrusted data from the repository to generate new persistent agent instructions (SKILL.md files).
      • Ingestion points: The skill reads subsystem-registry.md, dependency manifests (package.json, pyproject.toml, go.mod), and arbitrary source files using the Read, Grep, and Glob tools.
      • Boundary markers: Absent. The sub-agent prompt templates do not specify delimiters or provide instructions to ignore potentially malicious commands embedded in code comments or metadata.
      • Capability inventory: The skill possesses the Write and Edit capabilities to create files in .claude/skills/, and the Bash tool for executing commands.
      • Sanitization: Absent. Extracted code patterns are interpolated directly into generated documentation and checklists without validation or escaping.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:08 PM