run-parallel-agents-feature-debug
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection due to the way it handles user-provided diagnostic data.\n
- Ingestion points: Untrusted user input, including detailed bug descriptions, error messages, and stack traces, is collected to form debugging briefs in SKILL.md (Step 3 and Step 4).\n
- Boundary markers: The prompt templates for sub-agents lack explicit boundary markers or delimiters (e.g., XML tags, triple quotes) to encapsulate the untrusted user input, increasing the risk that the sub-agent interprets instructions within the user data as its own.\n
- Capability inventory: The skill utilizes the
Agenttool to orchestrate sub-agents with substantial capabilities, including file modification via worktree isolation and execution of various CLI and build tools.\n - Sanitization: There are no instructions or mechanisms specified for sanitizing, escaping, or validating user-provided error logs and descriptions before they are used to generate prompts for sub-agents.
Audit Metadata