IterativeDepth
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface where untrusted user input can influence the behavior of sub-agents and task creation.\n- Ingestion points: Untrusted input from the Problem/Request and Context fields is processed in Workflows/Explore.md.\n- Boundary markers: The workflow and agent templates lack delimiters or instructions to treat user input as data rather than instructions, potentially leading to accidental obedience of instructions within the data.\n- Capability inventory: The skill can orchestrate multiple sub-agents and call task management tools such as TaskCreate and TaskUpdate to modify the agent's task state.\n- Sanitization: No input validation, escaping, or filtering of external content is implemented before user-provided data is interpolated into prompts.
Audit Metadata