skills/serpro69/claude-toolbox/cove/Gen Agent Trust Hub

cove

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Categories flagged: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
      • Ingestion points: User-provided questions and the internally generated "Initial Answer" (documented in cove-isolated.md) serve as inputs for verification questions.
      • Boundary markers: The sub-agent prompt template in cove-isolated.md lacks delimiters or "ignore instructions" directives around the {verification_question} variable.
      • Capability inventory: Sub-agents spawned via the Task tool in cove-isolated.md have access to tools including WebSearch, Read, and context7.
      • Sanitization: No sanitization or validation of verification questions is performed before sub-agent invocation.
  • [COMMAND_EXECUTION]: Multi-tool Verification Workflow. The skill documentation in cove-process.md and cove-isolated.md instructs the agent to utilize platform tools like WebSearch, context7, Read, and Grep for fact-checking and technical verification, which is consistent with its stated purpose.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 08:19 PM