agent-messaging
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill advises agents to 'paste content directly' from tasks into subagent briefs. This pattern creates a vulnerability to indirect prompt injection if the task descriptions contain adversarial instructions designed to hijack the subagent's logic.\n
- Ingestion points: Instructions in SKILL.md for constructing subagent briefs by pasting full task text.\n
- Boundary markers: Templates use headers like '## Task Description' but do not include explicit instructions to sanitize inputs or include 'ignore instructions' delimiters.\n
- Capability inventory: Agents following these guidelines utilize subagent dispatch and peer messaging capabilities.\n
- Sanitization: The skill lacks recommendations for sanitizing or validating external content before it is incorporated into messaging prompts.
Audit Metadata