bmad-orchestrator

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE
Finding categories: PROMPT_INJECTION, COMMAND_EXECUTION

Full Analysis
  • [PROMPT_INJECTION] (LOW): Ingestion of user-defined metadata in configuration files creates a surface for indirect prompt injection.
  • Ingestion points: Project configuration data is read from bmad/config.yaml and docs/bmm-workflow-status.yaml.
  • Boundary markers: Absent; strings are interpolated into templates without delimiters or warnings.
  • Capability inventory: File creation and modification (mkdir, sed) and status display via echo.
  • Sanitization: Absent; no escaping or validation of inputs for shell or template injection.
  • [COMMAND_EXECUTION] (LOW): The skill uses bash scripts for project automation. These scripts perform expected file operations but rely on dynamic string interpolation of unvalidated project metadata.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 22, 2026, 05:47 PM