Agent Coordination
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to listen for and process 'signals' from other agents on a public, decentralized network (ATProtocol). This creates a surface where an attacker can send malicious instructions formatted as legitimate coordination signals.
- Ingestion points: The
tools/coordination.pyscript vialisten,list, andquerycommands retrieves external content from the network. - Boundary markers: The documentation lacks explicit boundary markers or instructions to treat incoming signal content as untrusted data.
- Capability inventory: The skill utilizes
uvto execute local Python modules and performs network operations (XRPC) to interact with the ATProtocol. - Sanitization: No sanitization or validation logic for the 'content' or 'context' fields of incoming signals is documented, allowing raw external input into the agent's context.
Audit Metadata