subagent-driven-development
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses clear, task-oriented instructions. It includes defensive prompts like 'Do Not Trust the Report' to ensure subagents verify work independently rather than blindly following previous outputs.
- [DATA_EXFILTRATION]: No evidence of network operations or attempts to access sensitive system files (e.g., SSH keys, environment variables) was found.
- [EXTERNAL_DOWNLOADS]: The skill does not perform any external downloads or install unverified packages from remote registries.
- [COMMAND_EXECUTION]: While the skill's purpose involves code implementation and testing, these actions are performed through defined subagent tasks and internal tool calls ('superpowers'). There are no instances of arbitrary or dangerous system command execution.
- [REMOTE_CODE_EXECUTION]: There are no patterns involving the download and execution of remote scripts or the use of unsafe deserialization methods.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external data from implementation plans and subagent reports. The templates mitigate risks by instructing reviewers to 'verify everything independently' and 'read the actual code' rather than trusting the textual descriptions provided by other agents.
Audit Metadata