deep-dive

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from web searches and interpolates it into instructions for subagents.
    • Ingestion points: External data enters the context via the WebSearch tool in Step 2 and is subsequently passed to parallel subagents.
    • Boundary markers: The prompt templates (e.g., in Wave 2+ and the Synthesis step) do not use delimiters such as XML tags or clear structural separators to isolate untrusted context from the agent's primary instructions.
    • Capability inventory: The skill has the ability to spawn multiple Agent subagents and perform file-system write operations to the project's 'docs/' directory.
    • Sanitization: There is no evidence of sanitization, validation, or escaping of the research findings before they are interpolated into prompts or used to derive filenames for report persistence.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 19, 2026, 12:18 PM