model-hierarchy

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Prompt Injection (LOW): The task classification logic relies on keyword matching (e.g., 'debug', 'security', 'architect') to escalate tasks to 'Premium' models. This presents an indirect prompt injection surface where external data could force the agent to use high-cost resources.
      • Ingestion points: Task descriptions and user-provided context used for routing.
      • Boundary markers: Absent; keywords are scanned from the raw task input.
      • Capability inventory: The skill directs model switching and sub-agent tiering.
      • Sanitization: None; basic string matching is performed on unvalidated inputs.
  • External Downloads (SAFE): No remote scripts or binaries are automatically downloaded. Manual setup instructions are routine.
  • Credentials Unsafe (SAFE): No hardcoded API keys or secrets were found in the skill or configuration examples.
  • Remote Code Execution (SAFE): No patterns for automated remote code execution or suspicious subprocess calls were identified.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 04:39 PM