holistic-linting-orchestrator
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines clear delegation workflows for an orchestrator agent. It uses standard platform capabilities to invoke sub-agents and process their results.
- [COMMAND_EXECUTION]: The instructions explicitly discourage the orchestrator from running shell commands (formatters/linters) directly. Instead, it promotes delegation to specialized sub-agents, which minimizes the attack surface for command injection in the orchestrator's context.
- [DATA_EXFILTRATION]: No exfiltration patterns were detected. The skill reads reports from the local
.claude/reports/and.claude/artifacts/directories, which are standard paths for storing agent-generated status reports and implementation details. - [PROMPT_INJECTION]: The skill contains instructional markers like 'CRITICAL PRINCIPLE' and 'IMPORTANT', which are used legitimately to guide agent behavior and do not attempt to bypass platform safety guardrails or system instructions.
Audit Metadata