conductor-implement
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests instructions from external project files like 'workflow.md' and 'plan.md' and treats them as authoritative rules. Ingestion points: 'conductor/workflow.md' and 'plan.md'. Boundary markers: Not present. Capability inventory: Includes 'git' operations and file modifications. Sanitization: None identified.
- [COMMAND_EXECUTION]: The skill performs Git commands ('git add', 'git commit') to track progress and update track statuses. It executes implementation steps that are dynamically resolved from local project files.
Audit Metadata