mixseek-orchestrator-config
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill instructs the agent to execute a local Python script via
uv run pythonto validate the generated configuration. The script path is relative (skills/mixseek-config-validate/scripts/validate-config.py), indicating a dependency on another local skill's content. - [COMMAND_EXECUTION] (LOW): The skill provides shell commands for the user/agent to run the
mixseekCLI tool with the generated configuration file. This is an intended functionality of the skill. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes user-provided requirements (team names, round counts, timeouts) to generate a TOML configuration. While the output is structured data, the potential for schema-based injection exists if the downstream
mixseektool or validation script does not properly sanitize these values. However, the mandatory validation step acts as a mitigation factor.
Audit Metadata