parallel-agents
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE | PROMPT_INJECTION | NO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The orchestration patterns ingest untrusted content from the local filesystem, which could contain malicious instructions designed to influence the behavior of the orchestrated agents.
  - Ingestion points: `SKILL.md` identifies `Read`, `Glob`, and `Grep` as allowed tools for discovering and reading codebase content.
  - Boundary markers: Absent; the provided templates for sequential and parallel agent invocation do not include delimiters or instructions to ignore embedded commands in the data.
  - Capability inventory: The skill orchestrates multiple specialized agents (e.g., `penetration-tester`, `security-auditor`, `backend-specialist`) which work together to analyze and potentially modify codebase structures.
  - Sanitization: Absent; there is no mention of sanitizing, escaping, or validating file content before it is passed as context to subsequent agents in the chain.
- No Executable Code (SAFE): The skill is composed entirely of markdown documentation and metadata. It does not include scripts, binaries, or configuration files that would be executed by the host environment.
Audit Metadata