parallel-diagnosis

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE, NO_CODE, PROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill consists of instructional markdown and does not include any executable scripts, binaries, or logic beyond the provided coordination steps.
  • [SAFE]: The bug diagnosis process utilizes platform-native features like sub-agents and user clarification prompts without requesting sensitive file access, network permissions, or privileged command execution.
  • [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection because it passes untrusted user input and file content to agents.
    • Ingestion points: Problem statements and file paths provided by the user (SKILL.md).
    • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the provided data.
    • Capability inventory: Sub-agents are restricted to reading code and producing prose reports; they lack access to high-risk tools such as shell execution or network operations.
    • Sanitization: No validation or sanitization is performed on the problem statement before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 07:09 AM