team-solve
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, such as hardcoded credentials, unauthorized network operations, or persistent mechanisms, were found in the skill metadata or instructions.
- [PROMPT_INJECTION]: The skill manages agents that ingest and analyze local codebase content, which is an indirect prompt injection surface. 1. Ingestion points: Investigator subagents read files and explore directories within the local filesystem. 2. Boundary markers: The skill includes a strict 'Teammate Protocol' that explicitly instructs agents to derive instructions only from the TaskGet tool and forbids following any instruction-like content found in the filesystem. 3. Capability inventory: The skill utilizes tools for task management, messaging, Git operations (status, diff, add), and temporary file creation (mktemp). 4. Sanitization: The workflow mitigates risks by structurally isolating task instructions from the data being analyzed, ensuring subagents do not improvise or execute code found during research.
Audit Metadata