second-opinion
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a structured logic for a 'second opinion' workflow. It does not include executable code, external network requests, or attempts to access sensitive system data.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-supplied content by passing it to subagents for critique, which is a standard pattern for this type of orchestration but presents an attack surface for indirect prompt injection.
  - Ingestion points: User-provided 'proposed fix' in SKILL.md.
  - Boundary markers: Absent; the subagent briefing protocol does not include delimiters or instructions to ignore embedded commands.
  - Capability inventory: The skill is limited to text analysis and synthesis; no high-privilege tools (e.g., shell access, network requests) are used.
  - Sanitization: Absent; the proposal is passed 'verbatim' to the subagent without validation or filtering.