subagent-driven-development
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): While the skill processes external implementation plans, which is a potential injection surface, the design incorporates mandatory multi-stage reviews (specification compliance and code quality) that serve as effective mitigations.
  - Ingestion points: Implementation plan files and task descriptions processed by the controller and passed to subagents.
  - Boundary markers: Task content is organized under markdown headers in prompt templates but lacks explicit delimiter escaping.
  - Capability inventory: Subagents are directed to write code, develop tests, and commit changes to the repository.
  - Sanitization: No specific content sanitization is described, but the review loops provide verification of all generated output.
- Command Execution (SAFE): The skill orchestrates subagents to perform standard development tasks like running tests and committing code. This execution is confined to the intended development scope and follows a controlled process.