agent-teams-simplify-and-harden
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed as a security-positive development utility. It defines a multi-agent loop where code is implemented and then independently audited for security vulnerabilities, resilience gaps, and unnecessary complexity. The inclusion of a dedicated 'harden-auditor' that checks for injection vectors, hardcoded secrets, and improper authorization is a strong defensive feature.
- [COMMAND_EXECUTION]: The skill provides templates for executing local project-specific commands (e.g., `bunx tsc`, `pytest`, `cargo build`). These are standard operations for development workflows and are used to ensure code quality before and after audit passes.
- [INDIRECT_PROMPT_INJECTION]: The skill inherently processes untrusted data as it reads and analyzes codebase changes and external plan files.
  - Ingestion points: Plan documents (`docs/plans/*.md`) and files identified via `git diff` in the local repository.
  - Boundary markers: The skill uses specific 'SCOPE' instructions and 'Fresh-eyes start' protocols in its auditor prompts to anchor the agent's focus and minimize the impact of embedded instructions in the code being reviewed.
  - Capability inventory: Sub-agents are empowered to read/write files (implementation agents) or read files (audit agents) and execute local build/test tools as defined in `SKILL.md`.
  - Sanitization: The skill relies on structured role-playing prompts and the 'Explore' (read-only) sub-agent type for auditors to prevent untrusted data from influencing system behavior during the review phase.
Audit Metadata