debate
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were identified. The skill's operations are transparent and align with its described purpose of facilitating literary debate.
- [PROMPT_INJECTION]: An indirect prompt injection surface is present because the skill ingests untrusted user draft content that is then provided as context to autonomous reviewer agents.
- Ingestion points: Draft content and .status.yaml metadata files are loaded into the agent's context (SKILL.md, Step 1).
- Boundary markers: The moderator logic uses markdown blockquotes and descriptive labels (e.g., "The passage:") to delimit user content within the deliberation challenges.
- Capability inventory: The orchestration flow spawns and manages multiple concurrent AI reviewer agents (SKILL.md, Step 3 and Step 4).
- Sanitization: No explicit filtering or sanitization of the input text is performed to prevent instructions embedded within user drafts from potentially influencing the reviewer personas.
Audit Metadata