maestro-analyze

Warn

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: MEDIUM
Tags: COMMAND_EXECUTION, PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [DYNAMIC_EXECUTION]: The skill implements a multi-wave agent pipeline using the spawn_agents_on_csv tool. It dynamically constructs instructions for exploration, scoring, and decision synthesis tasks, which are then executed by parallel sub-agents. This orchestration allows for significant autonomous activity.
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted data from a codebase, including project documentation (project.md, roadmap.md), brainstorming artifacts, and source code. There is a surface for indirect prompt injection, as these files could contain malicious instructions designed to subvert the analysis.
      • Ingestion points: Project files, source code, and brainstorming assets in SKILL.md.
      • Boundary markers: No explicit delimiters or 'ignore' instructions are defined for the data processed by exploration or scoring agents.
      • Capability inventory: Agents have access to Bash, Read, Write, Edit, and the ability to spawn further agents, as defined in SKILL.md.
      • Sanitization: No input sanitization or validation of the codebase content is performed before analysis.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform directory management and executes the maestro spec load CLI command to retrieve planning specifications. These commands are integral to the setup and context-loading phases of the analysis.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 17, 2026, 01:12 AM