sub-agent-dispatch

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download of the agents-mcp server from the author's GitHub repository (metyatech/agents-mcp) and fetches operational rules from metyatech/agent-rules.
  • [COMMAND_EXECUTION]: Instructs the user or agent to install global utilities (compose-agentsmd) and run the MCP server using npx and npm commands.
  • [COMMAND_EXECUTION]: Provides platform-specific PowerShell workarounds using .NET classes ([IO.File]::Delete) to perform file operations on Windows environments where standard commands might be restricted by policy.
  • [PROMPT_INJECTION]: Identifies an indirect prompt injection surface in the Review-agent template where the implementation agent's output is interpolated into a prompt for evaluation.
      • Ingestion points: The SKILL.md file defines a template that ingests [implementation agent's report].
      • Boundary markers: Uses square brackets as delimiters for interpolated content.
      • Capability inventory: The skill describes capabilities for multi-file changes and code execution across sub-agents.
      • Sanitization: No explicit instruction filtering or "ignore embedded instructions" warnings are included in the template.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 10, 2026, 12:40 AM
Security Audit — agent-trust-hub — sub-agent-dispatch