agent-council

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill uses platform-provided tools such as Read, Write, and Task for its intended purpose of project analysis and reporting. The Bash(ls *) tool is restricted to listing files, and the skill contains no remote code downloads or hardcoded credentials.
  • [PROMPT_INJECTION]: The skill features a standard indirect prompt injection surface where external project data and context are interpolated into prompts for specialized expert sub-agents.
      • Ingestion points: The variables review_scope and context_summary in SKILL.md are populated from context and artifacts.
      • Boundary markers: Data is interpolated directly into prompts for roles like the Devil's Advocate and Primary Reviewer without explicit delimiters or instructions to ignore embedded commands.
      • Capability inventory: The skill uses the Task tool for agent dispatch and the Write tool to save findings to the local filesystem.
      • Sanitization: Input content is not sanitized or escaped before being passed to sub-agents. This behavior is consistent with the primary purpose of an analysis skill.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 9, 2026, 05:42 PM