hierarchical-agents
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it processes untrusted data from the analyzed codebase during documentation generation.
- Ingestion points: Phase 1: Repository Analysis in SKILL.md and the Analysis Checklist in references/generation-process.md instruct the agent to read and evaluate local files and directory structures.
- Boundary markers: No explicit delimiters or instructions to ignore instructions embedded in the analyzed code are provided.
- Capability inventory: The skill uses shell tools like grep, tree, and ripgrep, and suggests running build/test commands like bundle install and bin/rails db:setup.
- Sanitization: No sanitization logic is present for the content extracted from the analyzed repository.
- [COMMAND_EXECUTION]: The skill includes instructions to run several shell commands to analyze project structure and verify environments.
- Evidence: references/generation-process.md provides a checklist of bash commands (e.g., grep, tree, bundle install, rails db:setup) to be executed by the agent to determine the stack and verify the codebase status.
Audit Metadata