nested-subagents
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides structural instructions for hierarchical task delegation using the platform's native Task tool. No security violations were identified across the 10 threat categories.
- [INDIRECT_PROMPT_INJECTION]: The skill facilitates data flow between nested agents, creating a surface for potential indirect prompt injection through task summaries.
- Ingestion points: Untrusted data enters the agent context through the 'prompt' argument in the Task tool call and the structured summaries returned by child agents to their parents as described in SKILL.md.
- Boundary markers: No explicit boundary markers or 'ignore instructions' warnings are specified for the interpolated data within the task structure.
- Capability inventory: Agents in the tree have access to powerful tools including Bash, Task, and file system tools (Read, Grep, Glob, TodoWrite) as defined in the SKILL.md frontmatter.
- Sanitization: The skill does not provide instructions for sanitizing or escaping the content of sub-agent summaries before they are processed by parent agents.
Audit Metadata