consult
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a delegation pattern using the Task tool to forward user queries to specialized sub-agents. It includes explicit mapping logic to validate model names (e.g., codex, gemini) before assigning a sub-agent type, which prevents the execution of unauthorized or arbitrary agents.
- [SAFE]: No instances of prompt injection, hardcoded credentials, or data exfiltration attempts were found. The skill does not request network access or interact with the local file system.
- [SAFE]: The skill processes user input from $ARGUMENTS, creating a standard surface for indirect prompt injection common to agent-to-agent communication. However, the scope of action is limited to delegation, and the skill instructions explicitly require a recognized model name to proceed.
Audit Metadata