overdo-orchestrate
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill defines a flow for reading and executing tasks from a local SQLite database, which is its primary intended function. 1. Ingestion points: Task data read via overdo_task_next_ready. 2. Boundary markers: None specified in instructions. 3. Capability inventory: Restricted to specific MCP tools; manual shell execution is forbidden. 4. Sanitization: Relies on the inherent constraints of the provided MCP toolset.
- [NO_CODE] (SAFE): The skill package does not include any scripts, binaries, or external code files.
Audit Metadata