Skills
skills/phrazzld/claude-config/delegate/Gen Agent Trust Hub

delegate

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes external CLI tools, specifically gemini and thinktank, via the system shell to perform deep reasoning and architectural validation.
  • [PROMPT_INJECTION]: As an orchestration primitive, the skill presents a surface for indirect prompt injection. It gathers and synthesizes outputs from multiple sub-agents (Codex, Kimi, Gemini) which may process untrusted data.
  • Ingestion points: Untrusted data enters the context via the outputs of sub-agents (Codex, Kimi, Gemini) and local files processed by Thinktank.
  • Boundary markers: The skill does not define explicit delimiters or 'ignore embedded instructions' warnings for the data synthesized from sub-agents.
  • Capability inventory: The orchestrator can spawn new sub-agents with high reasoning efforts, execute shell commands, and manage a task-based dependency graph.
  • Sanitization: No explicit sanitization or validation of sub-agent outputs is performed before final synthesis.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 04:47 AM