team
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements a robust workflow for team-based task execution with clear stage transitions and state management.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests codebase files and user-defined tasks.
- Ingestion points: Codebase files are analyzed in the planning stage to generate subtasks.
- Boundary markers: Worker agents receive a preamble with assigned tasks, though explicit delimiters for file content are not detailed.
- Capability inventory: The skill can spawn subagents and read/write state to the local filesystem in the .omc directory.
- Sanitization: While no explicit content filtering is mentioned, the inclusion of a dedicated 'team-verify' stage with specialized security reviewers acts as a significant architectural mitigation against untrusted code instructions.
Audit Metadata