dispatching-parallel-agents
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH | PROMPT_INJECTION | NO_CODE
Full Analysis
- Indirect Prompt Injection (HIGH): High-risk attack surface identified in the parallel agent dispatch workflow.
  * Ingestion points: SKILL.md and references/agent-prompt-example.md use error messages and test outputs as primary prompt components.
  * Boundary markers: No delimiters or isolation techniques are used to separate untrusted data from instructions in the example templates.
  * Capability inventory: Agents are tasked with 'Fixing bugs' and 'Adjusting test expectations' in src/agents/, granting file-write capabilities.
  * Sanitization: No input validation or sanitization of the error/test content is suggested.
Recommendations
- AI detected serious security threats
Audit Metadata