subagent-driven-development
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains explicit instructions to bypass user interaction and suppress progress updates ('Continuous Execution'). It directs the agent to execute all tasks in a plan without pausing for confirmation, which reduces human oversight and manual validation of intermediate actions.
- [PROMPT_INJECTION]: The workflow involves ingesting implementation plans and passing task text into subagent prompts without explicit boundary markers or sanitization. This creates a surface for indirect prompt injection where instructions embedded in a plan file could influence the behavior of the implementer subagents.
- [SAFE]: The skill implements significant defensive measures, such as requiring reviewers to independently verify code changes ('DO NOT: Trust the report') and maintaining strict context isolation to prevent history leakage between different development tasks.
Audit Metadata