Skills
skills/donchitos/claude-code-game-studios/team-audio/Gen Agent Trust Hub

team-audio

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external project documentation (GDDs, sound bible) and configuration files (.claude/docs/technical-preferences.md) to provide context for sub-agents. This creates a potential surface for indirect prompt injection if these files contain malicious instructions designed to override sub-agent behavior.\n
  • Ingestion points: Reads from design/gdd/, assets/audio/, and .claude/docs/technical-preferences.md.\n
  • Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are used when passing ingested content to sub-agents.\n
  • Capability inventory: Access to Bash, Write, Edit, and Task tools allows for command execution and file system modifications.\n
  • Sanitization: No explicit sanitization or validation of the input file content is performed.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 12:16 AM
Security Audit — agent-trust-hub — team-audio