consensus-voting
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill provides structured instructions and configuration for a multi-agent workflow but does not include any executable code, scripts, or binary files.
- [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection through its ingestion of untrusted code or proposals. 1. Ingestion points: Data enters via external proposals and a local discovery file (~/.amplihack/.claude/context/DISCOVERIES.md). 2. Boundary markers: The prompt templates lack explicit delimiters for external content. 3. Capability inventory: No executable capabilities (e.g., subprocess calls, network operations) are included in the skill. 4. Sanitization: No sanitization or validation logic is specified for ingested data. The identified surface is considered managed within the structured evaluation process.
- [SAFE]: No evidence of malicious behavior, such as hardcoded credentials, obfuscation, unauthorized network activity, or persistence mechanisms, was found in the provided file. References to internal configuration paths are consistent with the skill operational context.
Audit Metadata