subagent-driven-development
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill facilitates legitimate developer workflows by automating task implementation and enforcing code review cycles.
- [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection by reading task descriptions from an external file and interpolating them directly into subagent prompts without boundary markers.
- Ingestion points: Implementation tasks and plans read from
[plan-file](SKILL.md). - Boundary markers: Not present in subagent prompt templates; instructions and data are mixed in the same context.
- Capability inventory: Subagents are assigned high-tier capabilities, including code writing, test execution (running local code), and git operations.
- Sanitization: No sanitization or escaping of the ingested plan content is specified before it is passed to subagents.
Audit Metadata