subagent-delegation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the analysis of external codebase files, which creates a surface for indirect prompt injection if those files contain malicious instructions or hidden commands.
- Ingestion points: Examples in references/patterns.md (Pattern 3: File Analysis) and examples/delegation-patterns-examples.md (Example 3: Code Analysis) demonstrate subagents reading and summarizing files and patterns directly from the project directory.
- Boundary markers: SKILL.md defines a manual review process and Quality Control checklist, but the provided prompt templates do not utilize technical delimiters (like XML tags or clear separators) to isolate processed content from instructions.
- Capability inventory: The skill uses the runSubagent and mcp_sequentialthi_sequentialthinking tools to perform analysis and task execution.
- Sanitization: There is no evidence of sanitization, escaping, or filtering applied to the content of the files before they are interpolated into the subagent's prompt context.
Audit Metadata