creating-subagents
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides purely educational content and templates for subagent configuration without including any executable scripts or malicious instructions.
- [SAFE]: The documentation actively promotes security best practices, such as using the principle of least privilege by explicitly defining tool sets and recommending selective Bash access (e.g.,
Bash(git:*)). - [SAFE]: No evidence of prompt injection, data exfiltration, or obfuscation was found. The instructions for 'Proactive Invocation' are standard configuration guidance for the platform's delegation logic.
- [SAFE]: The skill correctly identifies and warns about the security implications of MCP tool inheritance when tool restrictions are omitted, guiding users toward safer configurations.
Audit Metadata