openai-symphony-autonomous-agents
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the reference implementation and specification from OpenAI's official GitHub repository.
- [COMMAND_EXECUTION]: Includes standard commands to manage the Elixir project lifecycle, including dependency installation and service startup.
- [PROMPT_INJECTION]: The skill ingests external task data from Linear to drive the autonomous coding agent. This creates a surface for indirect prompt injection if malicious instructions are embedded in task descriptions.
- Ingestion points: Task titles and descriptions are retrieved from the Linear GraphQL API.
- Boundary markers: The code snippets do not illustrate explicit boundary delimiters for the agent context.
- Capability inventory: The runner interacts with git, the Codex API, and GitHub to automate code changes and PR creation.
- Sanitization: Includes basic string normalization for branch names.
Audit Metadata