skills/csark0812/toolbox/multi/Gen Agent Trust Hub

multi

Pass

Audited by Gen Agent Trust Hub on Jul 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill facilitates the orchestration of parallel subagents that process external repository data and web content, which presents a surface for indirect prompt injection due to a lack of explicit instruction isolation in sub-task prompts.\n
  • Ingestion points: Data enters the subagent context through repository file reads and web research results as defined in the Source section of the member task prompts in references/task-prompt.md.\n
  • Boundary markers: The generic task prompt template in references/task-prompt.md lacks delimiters (such as XML tags or unique markers) to clearly separate sub-task instructions from the untrusted data being analyzed.\n
  • Capability inventory: The skill utilizes the host Task tool (subagent) with capabilities for exploration, gathering, and research, which involve file system access and network operations.\n
  • Sanitization: There is no evidence of filtering, escaping, or validation performed on external content before it is interpolated into sub-task prompts.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 13, 2026, 05:20 PM
Security Audit — agent-trust-hub — multi