dev-swarm-slash-commands
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the creation of persistent command templates using user-provided text, which introduces a surface for indirect prompt injection.
- Ingestion points: User-provided command purpose and arguments defined in Step 1 of SKILL.md.
- Boundary markers: No boundary markers or 'ignore embedded instructions' warnings are used when interpolating user content into templates.
- Capability inventory: The skill specifies writing files to persistent configuration directories (e.g., ~/.claude/commands/, ~/.gemini/commands/) as described in the instructions in SKILL.md.
- Sanitization: No sanitization or validation of the user-provided inputs is mentioned before the agent writes the command files.
Audit Metadata