gitea-coordinator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill documentation describes the use of standard development tools including git, tea (Gitea CLI), and npm for automated version control and testing workflows.\n- PROMPT_INJECTION (LOW): The coordinator skill processes task data from the backlog and status updates from workers, establishing an indirect prompt injection surface. This is a functional requirement for orchestration and is handled through local filesystem communication. 1. Ingestion points: .coordinator/state.json, .coordinator/workers//progress.json, and context/backlog/.md. 2. Boundary markers: Not explicitly defined in the templates. 3. Capability inventory: Execution of git and tea commands, local shell scripts, and spawning sub-agents via the Task tool. 4. Sanitization: No explicit sanitization or validation of the backlog markdown content is described in the provided templates.
Audit Metadata