anthropic-managed-agents

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill documents the official Anthropic API for managed agents, encouraging best practices such as the use of environment variables for secret management.
  • [COMMAND_EXECUTION]: Shell commands are provided for API interaction via curl and environment verification via zero doctor. These are intended for setup and troubleshooting.
  • [EXTERNAL_DOWNLOADS]: Environment configurations in the examples include standard Python (requests, pandas) and Node.js (typescript) packages from official registries.
  • [PROMPT_INJECTION]: The system allows agents to ingest content from external GitHub repositories. This capability is the primary function of the skill and is documented for use with appropriate authentication.
    • Ingestion points: External GitHub repositories are specified in session creation payloads in SKILL.md.
    • Boundary markers: Examples do not include specific delimiters for untrusted content.
    • Capability inventory: The agent environment supports high-privilege operations including filesystem modification and shell access as documented in SKILL.md.
    • Sanitization: Not explicitly detailed in the provided API usage examples.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 04:43 PM