Skills
skills/frankxai/arcanea/Swarm Orchestration/Gen Agent Trust Hub

Swarm Orchestration

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The documentation suggests running npx agentic-flow commands to initialize swarms and manage agent life cycles.
  • [EXTERNAL_DOWNLOADS]: The skill requires the agentic-flow package, which is fetched from the npm registry when executed via npx.
  • [PROMPT_INJECTION]: The orchestration system processes high-level goals and tasks, creating a surface for indirect prompt injection.
  • Ingestion points: File SKILL.md contains parameters like the --task CLI argument and the goal field in code snippets that ingest natural language instructions.
  • Boundary markers: No boundary markers or specific 'ignore' instructions are present in the examples to isolate task input from system commands.
  • Capability inventory: The skill manages agent spawning, task distribution (parallel/pipeline), and shared memory access.
  • Sanitization: No sanitization, validation, or escaping of external task strings is demonstrated in the provided orchestration logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 10:51 AM