socratic-debate

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks because it processes external content like PRs and proposals without strict boundaries.
      • Ingestion points: The skill ingests user-supplied topics, code review comments, and architectural proposals for the debate process.
      • Boundary markers: The instructions do not employ specific delimiters or 'ignore' directives to isolate the debated topic from the agent's logic.
      • Capability inventory: The skill specifies that 'consensus fixes are applied silently' and the agent 'goes straight to implementing the consensus recommendation,' which implies the agent has permissions to modify the codebase or files.
      • Sanitization: No sanitization or validation of the incoming debate topic is performed, which could allow malicious instructions in the input to bias the deliberation outcome.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 04:00 AM