agents-panel

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The agents-panel skill is susceptible to indirect prompt injection because it incorporates untrusted data into prompts for agents with significant system access.
  • Ingestion points: User-supplied problem descriptions and context variables are interpolated directly into prompts for the debate and poll agents in SKILL.md.
  • Boundary markers: The skill uses labels like PROBLEM: and CONTEXT: to separate data from instructions, but does not provide explicit constraints to ignore malicious commands embedded within that data.
  • Capability inventory: Sub-agents have access to powerful tools including Bash, WebSearch, WebFetch, Read, Grep, and Glob as defined in the allowed-tools section of SKILL.md.
  • Sanitization: The instructions do not specify any input validation, escaping, or sanitization for the user-provided content before it enters the agent context.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 01:34 AM
Security Audit — agent-trust-hub — agents-panel