error-debugging-multi-agent-review
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted source code, file paths, and Git repositories through the
$ARGUMENTSparameter. Malicious instructions embedded in the code being reviewed could attempt to influence the agent's behavior or manipulate the results of the specialized review agents.\n - Ingestion points: The skill ingests external content from the
$ARGUMENTSparameter, which supports file paths, Git repositories, and code snippets.\n - Boundary markers: No explicit boundary markers or instructions to treat input strictly as data are defined in the skill.\n
- Capability inventory: The orchestrator manages multiple specialized agents, including security auditors, architecture specialists, and performance analysts.\n
- Sanitization: No input validation or sanitization of the target code is mentioned or implemented in the provided orchestration logic.
Audit Metadata