team-list
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Potential surface for indirect prompt injection via the processing of untrusted YAML configuration files.
- Ingestion points: Untrusted data enters the agent context via the Read tool from files in the .team-profiles/ directory.
- Boundary markers: No delimiters or instructions to ignore embedded commands are present in the output generation logic.
- Capability inventory: The skill utilizes Glob and Read tools to access the local filesystem.
- Sanitization: No sanitization or validation is performed on content extracted from YAML fields before it is displayed to the agent.
Audit Metadata