agent-coordination
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface Area
- Ingestion points: The orchestration strategies described in `strategies.md` and `examples.md` involve tools like `web-doc-resolver` and `codebase-analyzer` which ingest data from potentially untrusted external sources.
- Boundary markers: The instructions do not specify or require the use of delimiters (e.g., XML tags or triple quotes) or explicit 'ignore instructions' warnings when processing data from these sources.
- Capability inventory: The workflow involves agents with significant capabilities, such as `feature-implementer` (which writes code to the filesystem) and `loop-agent` (which executes commands via `cargo` and local shell scripts).
- Sanitization: There is no provision or guidance for sanitizing external data before it is interpolated into prompts or used to drive implementation decisions.
- [COMMAND_EXECUTION]: Automated Command and Script Execution
- The skill instructs the agent to perform autonomous execution of local commands and scripts as part of quality gates and iterative loops, including `cargo test`, `cargo clippy`, and `./scripts/code-quality.sh` (as seen in `examples.md` and `quality-gates.md`). While standard for software development, these automated executions are triggered by the coordination logic.
Audit Metadata