dev-swarm-create-update-agent-skill
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates a surface for indirect prompt injection (Category 8) by using untrusted user input to generate instructions and code for new skills.
- Ingestion points: User requirements for skill functionality and role descriptions are collected in Step 1 and Step 3.
- Boundary markers: The instructions do not prescribe the use of delimiters or instructions to ignore nested prompts in the generated content.
- Capability inventory: The skill allows for the creation of files and scripts within the skill directory structure in Steps 2, 3, and 5.
- Sanitization: No validation or escaping is performed on user input before it is used to generate file content.
Audit Metadata