debate-protocol

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE

PROMPT_INJECTION

Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted input in the form of review_scope and context_summary which are interpolated directly into task prompts for expert sub-agents in Phase 1. This creates a potential surface where malicious instructions embedded in the material being reviewed could attempt to influence the sub-agents' logic.
      • Ingestion points: debate_input fields review_scope and context_summary in SKILL.md.
      • Boundary markers: Absent; inputs are directly interpolated into the template strings.
      • Capability inventory: The skill utilizes Read, Write, Task, and restricted Bash(mkdir *) tools.
      • Sanitization: No specific sanitization or escaping of the user-provided scope is performed before prompt construction.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 05:42 PM