orchestrate

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill defines orchestration strategies, such as the Research Swarm, that direct agents to use WebSearch and WebFetch to ingest data from untrusted external websites. This pattern is susceptible to indirect prompt injection where malicious instructions hidden in search results could influence the agent's behavior. The provided prompt templates do not include explicit delimiters or instructions to ignore embedded commands.
      • Ingestion points: External content fetched via WebSearch and WebFetch (Strategy 1).
      • Boundary markers: Absent in the prompt templates.
      • Capability inventory: The skill directs agents to perform file writes, git operations, and code modifications.
      • Sanitization: Not mentioned or enforced in the orchestration logic.
  • [NO_CODE]: The skill consists entirely of markdown documentation and templates within the SKILL.md file. It does not include any executable Python, JavaScript, or shell scripts, which eliminates the risk of direct malicious code execution from the skill package itself.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 26, 2026, 11:45 AM