tiling-tree

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface exists where untrusted data (user-provided problem and subagent-generated branch definitions) is interpolated into subsequent LLM prompts.
  • Ingestion points: tiling_tree.py accepts the problem string from command-line arguments and the branches data from JSON responses generated by external subagents.
  • Boundary markers: Absent. Data is interpolated directly into prompts (e.g., _evaluator_prompt) without specific delimiters or instructions to ignore embedded commands.
  • Capability inventory: The skill uses invoke_claude and invoke_parallel for multi-agent orchestration and performs filesystem writes to /mnt/user-data/outputs/.
  • Sanitization: Absent. Content from subagent responses is parsed as JSON, but the resulting strings are not sanitized for malicious instructions before being used in subsequent splitting or evaluation prompts.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 04:36 AM