red-team
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted artifact data by interpolating it into prompts for subagents, creating a surface for indirect prompt injection.
  - Ingestion points: The red-team-prompt.md file contains placeholders for design documents, implementation plans, and project context which are filled with user-provided content.
  - Boundary markers: The prompt template relies on Markdown headers but does not use strict delimiters or provide instructions to the subagent to ignore embedded directives within the untrusted text.
  - Capability inventory: The skill influences the development workflow's 'approval' state. Maliciously crafted artifacts could attempt to manipulate the subagent's evaluation to bypass quality checks.
  - Sanitization: No sanitization or escaping is performed on the input artifact content before it is passed to the subagent.