mission-orchestrator
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: Utilizes the Bash tool to perform repository state analysis, specifically calling git log to detect codebase drift and staleness of project artifacts.
- [COMMAND_EXECUTION]: Implements atomic file writing for session persistence in .attune/mission-state.json using temporary files and rename operations via the shell.
- [PROMPT_INJECTION]: Features an indirect prompt injection surface by reading and parsing user-controlled markdown artifacts from the docs directory.
- [PROMPT_INJECTION]: Ingestion points: Reads docs/project-brief.md, docs/specification.md, and docs/implementation-plan.md in modules/state-detection.md.
- [PROMPT_INJECTION]: Boundary markers: No delimiters or instructions to ignore embedded content are applied when checking artifacts for required section headers.
- [PROMPT_INJECTION]: Capability inventory: Possesses the ability to execute shell commands via Bash and modify the filesystem via the Write tool.
- [PROMPT_INJECTION]: Sanitization: Validation is limited to checking for the presence of specific strings such as User Stories or Requirements and enforcing minimum character counts.