assist
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard development tools such as Git utilities (git status, git log, git diff) and build systems (npm run build, go build) to assess the repository state and identify project frameworks. These operations are essential for its primary function as a development orchestrator and do not involve unauthorized command execution.
- [SAFE]: Implements a robust Human-in-the-loop (HITL) checkpoint system via AskUserQuestion. This requires explicit user consent before enabling detailed task tracking or proceeding when routing logic is ambiguous, ensuring user oversight of the agent's actions.
- [SAFE]: Employs a structured 'Handoff Protocol' for passing context between agents in the pipeline. This method ensures transparency in the data flow and reduces the risk of logic errors or context contamination during multi-agent transitions.
- [PROMPT_INJECTION]: The skill analyzes external data such as user arguments ($ARGUMENTS) and Git logs to determine routing logic. While this establishes an indirect prompt injection surface (Category 8), the risk is mitigated by the skill's requirement for human confirmation during ambiguous routing and its reliance on pre-defined, structured routing rules.
Audit Metadata