multi-advisor
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE]: The skill does not contain any executable scripts, binaries, or automated shell commands; it is composed entirely of Markdown instructions and role-play definitions.
- [PROMPT_INJECTION]: The skill defines an orchestration workflow that ingests untrusted user input ("Questao do usuario") and passes it to multiple simulated personas. It lacks explicit boundary markers or instructions to ignore embedded commands within the user question, creating a surface for indirect prompt injection. Capabilities include access to the CLI tools listed in the metadata (e.g., gemini-cli, claude-code). (Ingestion point: SKILL.md; Boundary markers: Absent; Capability inventory: YAML tools list; Sanitization: Absent).
- [SAFE]: No malicious patterns such as hardcoded credentials, persistence mechanisms, or obfuscation were detected. References to external tools involve well-known and reputable technology providers.
Audit Metadata