assemble-panel
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted external data to influence its logic.
- Ingestion points: The skill accepts git diffs and plan files as the
scopeparameter in SKILL.md. - Boundary markers: No explicit markers or instructions are provided to the agent to disregard embedded instructions within the processed
scopedata. - Capability inventory: The skill's output is limited to recommending agent names and policies; however, the orchestrator consuming this data has the capability to dispatch reviewers and manage workflow state.
- Sanitization: There is no mention of sanitization or validation of the input data before keyword matching occurs.
- [SAFE]: The skill serves as a static metadata and logic definition. It contains no commands for network exfiltration, sensitive file access, or remote code execution. All logic is performed within the model's context based on provided text inputs.
Audit Metadata