deep-verify
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download necessary dependencies such as context, preflight, and domain-registry from the author's official GitHub repository at github.com/mikeng-io/agent-skills.\n- [COMMAND_EXECUTION]: The skill utilizes restricted Bash commands including ls, mkdir, and git to verify the presence of dependencies and manage structured output artifacts in the .outputs/verification/ directory.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface through its multi-agent orchestration logic, which is documented below according to required evidence chains.\n
- Ingestion points: Conversation context and artifacts are extracted in Step 0 and Step 1 and stored within the working_scope variable.\n
- Boundary markers: Absent; the prompt templates defined in Step 2 for expert agents such as the Devil's Advocate interpolate conversation context directly into instructions without distinct delimiters or escape sequences.\n
- Capability inventory: Agents orchestrated by this skill have access to the Task tool for spawning sub-agents, the Skill tool for cross-skill invocation, and Bash for restricted filesystem operations.\n
- Sanitization: There is no evidence of sanitization or filtering of the user-provided context before its interpolation into sub-agent prompts.
Audit Metadata