context-loader

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run git ls-files and ls -la to identify project structure and check file sizes. This is used to stay within token limits and optimize context loading.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) as it reads data from project files that could contain malicious instructions.
    • Ingestion points: Project files such as package.json, Cargo.toml, pyproject.toml, and various files within the conductor/ directory (e.g., product.md, tech-stack.md, tracks.md, spec.md, plan.md) are read into the agent's context.
    • Boundary markers: No explicit delimiters or instructions to ignore embedded prompts are provided when reading files.
    • Capability inventory: The skill has access to shell command execution (git, ls) and file system read operations.
    • Sanitization: Content from the ingested files is not sanitized or validated before being added to the context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 03:30 AM