orchestrate-review

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the exec() function to perform shell operations for version control, specifically git add and git commit. While these commands are hardcoded for repository management, they represent the use of system-level execution capabilities within the orchestration loop.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates the content of files being reviewed directly into the prompts for sub-agents without sanitization.
      • Ingestion points: The content of the files specified in the files array is joined and interpolated directly into the Task Prompt Template used to spawn reviewer sub-agents.
      • Boundary markers: Boundary markers or delimiters are absent; source code is placed into the prompt without a clear separation from instructions.
      • Capability inventory: The orchestrator possesses the ability to execute shell commands via exec() and is designed to apply code fixes to the local filesystem.
      • Sanitization: No sanitization, escaping, or filtering is applied to the file content before it is processed by the sub-agents.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 12:25 AM