skills/oocx/tfplan2md/validate-agent/Gen Agent Trust Hub

validate-agent

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script, ./scripts/validate-agents.py, to automate checks for model availability, handoff integrity, and structural compliance.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection by processing potentially untrusted agent definitions.
      • Ingestion points: Agent definition files including frontmatter and structural headers in SKILL.md.
      • Boundary markers: No explicit boundary markers or instructions to disregard embedded content are defined in the workflow.
      • Capability inventory: The agent has the capability to execute local scripts via subprocess commands.
      • Sanitization: The workflow focuses on structural and referential validation but does not describe sanitization or filtering of the content within processed files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 28, 2026, 11:37 AM