subagent-driven-development
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill and its associated prompt templates contain no evidence of malicious code, credential harvesting, or unauthorized network activity.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill processes implementation plans and interpolates task descriptions into subagent prompts. Ingestion point: implementation plan files; Boundary markers: not explicitly defined; Capability inventory: filesystem modification, test execution, and git operations; Sanitization: none. The multi-stage review process defined in the workflow (spec compliance and code quality) serves as a functional mitigation.
- [COMMAND_EXECUTION]: The subagents are authorized to execute development-related commands (git, test runners), which is appropriate for the skill's stated purpose of executing development plans.
Audit Metadata