panel
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected. The skill manages a multi-agent workflow for text analysis using standard coordination patterns.
- [SAFE]: The skill accesses local project metadata (
.status.yaml,TASTE.md) and the draft content. This access is limited to the local file system and is required for the skill's stated purpose. No network exfiltration or credential harvesting patterns were found. - [SAFE]: The skill processes untrusted user drafts and passes them to subagents for review. While this presents an indirect prompt injection surface, the risk is mitigated by the structured markdown templates used to separate draft content from instructions.
- Ingestion points: Draft text and project metadata are loaded in steps 1, 2, and 4 from the local environment.
- Boundary markers: The skill uses explicit markdown headers like
## Draft,## Context, and## Reviewer Outputsto delimit untrusted content. - Capability inventory: The skill utilizes the
Tasktool to spawn subagents; no high-risk capabilities like arbitrary command execution or network access are exposed to the processed content. - Sanitization: No explicit sanitization of the draft text is performed before it is included in the subagent prompts.
Audit Metadata