Council
Audited by Gen Agent Trust Hub on Feb 13, 2026
================================================================================
🟡 VERDICT: MEDIUM
This skill is rated MEDIUM due to the presence of unverified local dependencies. The skill's functionality relies on external TypeScript files (./lib/council-utils, ./lib/algorithm-utils, ./lib/observability) that are imported but whose content is not provided for security analysis. This prevents a complete audit of the skill's behavior, as these unverified files could potentially contain malicious code, including arbitrary command execution or data exfiltration.
Total Findings: 2
🟡 MEDIUM Findings: • Unverifiable Local Dependencies
- Line 206 (workflows/Convenecouncil.md): The skill imports
./lib/algorithm-utilsand./lib/observabilitybut their content is not provided. This prevents a full security audit of the skill's behavior, as these files could contain unverified or malicious code. ThesendEventToObservabilitycall, in particular, could potentially exfiltrate data if implemented maliciously within the unverifiedobservability.tsfile. • Unverifiable Local Dependencies - Line 20 (SKILL.md): The skill references
import { conveneCouncil } from './lib/council-utils';which is a local import whose content is not provided for analysis. This prevents a full security audit of the skill's behavior.
🔵 LOW Findings: • Indirect Prompt Injection Risk
- Line 14 (workflows/Convenecouncil.md): The skill is designed to process user-provided input (topic, context, constraints) which is then inserted into sub-agent prompts. This makes the skill inherently susceptible to indirect prompt injection, where a malicious user could craft input to manipulate the sub-agents' behavior. This is an inherent risk of the skill's design, not a direct malicious pattern within the skill's code.
================================================================================