expert-validator
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks identified. The skill operates entirely within the local workspace to perform its stated function of strategy validation.- [PROMPT_INJECTION]: The skill incorporates content from local research files (such as
strategy-brief.md) into sub-agent prompts. While this creates a surface for indirect prompt injection, the risk is localized to the user's project files, and the behavior is necessary for the skill's core purpose.- [COMMAND_EXECUTION]: The skill uses a structuredTaskorchestration tool to invoke specialized sub-agents. These are internal LLM calls rather than operating system command executions. File operations are limited to reading and appending to markdown files in the research directories.
Audit Metadata