innovate
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill manages its state by reading, writing, and deleting files within the project's memory directory, specifically handling run markers and historical records for subagent dispatches.
- [PROMPT_INJECTION]: The skill processes external artifact content and subagent-generated proposals, which creates a surface for indirect prompt injection. This is addressed by using structured headers as boundary markers and a mandatory 'red-teaming' review pass intended to vet all suggested changes.
- [SAFE]: The skill implements strict validation for the 'sweep-id' parameter using a regular expression and enforces double-quoting for YAML metadata to prevent parsing ambiguities or type coercion errors.
Audit Metadata