coding-router
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The package utilizes extensive shell and Python orchestration scripts (scripts/code-implement, scripts/tmux-run, scripts/acpx-direct) to manage external coding agent CLIs such as Codex, Claude Code, and ACPX. These wrappers add critical reliability layers by standardizing logging, enforcing execution timeouts, and managing multi-phase session persistence.
- [SAFE]: No malicious obfuscation, credential harvesting, or exfiltration patterns were detected. The codebase demonstrates high engineering standards for security, including strict input validation (rejecting control characters in prompts), canonical repository path validation to prevent execution in duplicate environments, and proactive tooling checks in the scripts/doctor utility.
- [PROMPT_INJECTION]: The skill architecture is built around defense-in-depth instructions that mitigate unauthorized mutations. It uses dedicated system prompt templates to enforce a read-only state during planning phases. The 'APPROVE' gate is implemented both as a natural language instruction and as a technical validation step in wrapper_policy/plan_gate.py, ensuring that the agent cannot proceed to implementation without a verified approval signal.
Audit Metadata