agentica-spawn
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill templates process a task_description variable that may contain untrusted data. 1. Ingestion points: File SKILL.md in execute and run calls. 2. Boundary markers: None present. 3. Capability inventory: Spawns multiple agents with roles like planner, implementer, and reviewer. 4. Sanitization: No validation or escaping logic is described.
- No Executable Code (SAFE): The skill contains documentation and examples rather than automated scripts or installation routines.
Audit Metadata