delegation-router
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The routing logic evaluates natural language indicators to classify tasks, which creates an attack surface where maliciously crafted input could influence agent delegation.
- Ingestion points: Task strings evaluated in the 'classify_task' and 'task_type_routing' sections.
- Boundary markers: Absent; there are no explicit instructions to ignore nested commands or use delimiters for untrusted task data.
- Capability inventory: This is a no-code skill with no direct execution capabilities (no subprocess, file-write, or network operations).
- Sanitization: No input sanitization or validation logic is defined within the routing rules.
Audit Metadata