implement-agents
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the interpolation of user-provided arguments into subagent instructions.
  - Ingestion points: The skill accepts user input via the $ARGUMENTS variable in SKILL.md.
  - Boundary markers: There are no explicit boundary markers or instructions to ignore embedded commands around the {WORK_UNIT} placeholder in the subagent prompt template in SKILL.md.
  - Capability inventory: The skill utilizes git worktree and git branch commands, and spawns subagents via the Task tool to execute /implement in SKILL.md.
  - Sanitization: No evidence of input validation or sanitization for $ARGUMENTS before they are passed to subagents.
- [COMMAND_EXECUTION]: The skill executes local shell commands to manage the git environment.
  - Evidence: It executes git worktree and git branch to create isolated environments, and uses tail to monitor subagent output files.