agent-team-builder
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes user-provided business process context to generate system prompts for new agents. This could allow a user to inject instructions that alter the intended behavior of the generated agents.
  - Ingestion points: User responses during Phase 1: Business Process Identification in SKILL.md.
  - Boundary markers: Absent; there are no instructions to use delimiters or guardrails when incorporating user-provided descriptions into the generated system prompts.
  - Capability inventory: The skill is assigned Write and Bash tools in SKILL.md for generating the team structure and configuration files.
  - Sanitization: Absent; the instructions do not include steps to validate or sanitize the user's business process descriptions before prompt generation.
- [COMMAND_EXECUTION]: The skill is configured with Bash and Write tools, which it uses to manage directory structures and generate configuration files. While aligned with its purpose as a builder tool, these permissions grant broad access to the local environment.
Audit Metadata