subagent-driven-development
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a legitimate and well-structured software development lifecycle using specialized subagent roles. The logic and instructions provided are consistent with the intended purpose of improving code quality and development velocity.
- [COMMAND_EXECUTION]: The workflow involves the execution of development-oriented tasks, including git operations, testing, and task state synchronization. These commands are executed through predefined tools in the environment and are necessary for the development process.
- [PROMPT_INJECTION]: The skill uses prompt templates to guide subagents. These templates include robust instructions, such as requiring the spec reviewer to independently verify code implementation rather than trusting reports, which mitigates risks associated with processing untrusted task descriptions or implementer outputs.
- [DATA_EXFILTRATION]: The skill accesses a
.tasks.jsonfile to manage task state and progress across sessions. These operations are limited to local file system access for workflow persistence and do not involve any unauthorized data transmission or exfiltration.
Audit Metadata