debate-agents

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes user-supplied problems and external web content via WebFetch. It utilizes structured prompt templates in references/procedures/debate.md with explicit boundary markers (e.g., POSITION:, REASONING:, PROPOSAL:) to ensure that ingested data is treated as context rather than instructions.
  • Ingestion points: User input for the debate topic and external content retrieved via WebFetch.
  • Boundary markers: Present. The orchestration logic uses structured Markdown sections to delimit agent inputs.
  • Capability inventory: Access to the Bash tool, WebFetch, and the ability to write to project-local artifact directories.
  • Sanitization: Present. The included management scripts (e.g., append-loop-result.ts) validate fields for illegal control characters before persisting them to the file system.
  • [COMMAND_EXECUTION]: The skill includes several Bun scripts for project maintenance and artifact indexing. These scripts (e.g., manifest-sync.ts, bootstrap-experience.ts) implement security best practices such as lstatSync checks to prevent operations on symbolic links and use path normalization to avoid traversal vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The skill is configured to use WebFetch and WebSearch to gather context for its analytical agents, which is consistent with its primary purpose of providing informed, multi-perspective debate and synthesis.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 10:16 PM
Security Audit — agent-trust-hub — debate-agents