Subagent-Driven Development

Pass

Audited by Gen Agent Trust Hub on May 30, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides a development workflow that utilizes subagents to perform tasks and conduct code reviews. The behavior described is consistent with its stated purpose of improving software implementation quality through modular tasks.
  • [COMMAND_EXECUTION]: The subagents are instructed to write tests and commit code. These are standard operations for a development-focused AI skill and occur within the context of the subagent's task environment.
  • [PROMPT_INJECTION]: The skill ingests content from implementation plans and subagent reports (Indirect Prompt Injection surface). While these serve as potential vectors for malicious instructions, the workflow includes mandatory review checkpoints that mitigate the risk of accidental or malicious execution of unintended commands.
    • Ingestion points: The skill reads implementation plans ([plan-file]) and subagent implementation reports.
    • Boundary markers: No specific delimiters (like XML tags or multi-shot examples) are used for the plan content in the subagent prompt.
    • Capability inventory: Subagents are authorized to write files, execute tests (arbitrary code execution), and perform git commits.
    • Sanitization: No explicit sanitization or filtering of the plan content is described.
Audit Metadata
Risk Level: SAFE
Analyzed: May 30, 2026, 03:29 PM