test-prompt

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious executables, persistence mechanisms, or unauthorized system modifications were identified in the skill instructions.
  • [PROMPT_INJECTION]: The skill includes documentation examples of instructions and scenarios meant to evaluate how subagents respond to pressure or 'jailbreak' attempts. These are pedagogical examples for testing purposes and are not active attempts to manipulate the host agent's safety systems.
  • [DATA_EXFILTRATION]: The skill provides documentation examples using placeholder API endpoints and tokens (e.g., 'YOUR_TOKEN'). These are standard documentation practices and do not constitute hardcoded credentials or data harvesting.
  • [PROMPT_INJECTION]: The skill identifies a workflow where a primary agent processes output from subagents, representing a surface for indirect prompt injection.
      • Ingestion points: Results from the Task tool (subagent output) are read and analyzed by the primary agent as part of the RED-GREEN-REFACTOR cycle (SKILL.md).
      • Boundary markers: Absent; the skill does not explicitly instruct the agent to use unique delimiters for subagent output, though it suggests verbatim reporting.
      • Capability inventory: The skill utilizes the Task tool to orchestrate subagents and examples show usage of standard developer tools like npm and git.
      • Sanitization: The instructions do not define specific sanitization or escaping procedures for data returned from subagents.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 24, 2026, 05:13 AM