orchestration-execution

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE | NO_CODE | PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The orchestration model described in the skill involves a lead agent that reads and processes external data sources produced by sub-agents. This creates an inherent surface for indirect prompt injection where a teammate could provide malicious instructions in its status or handoff files that the lead agent then executes.
    • Ingestion points: The lead agent reads status files, compaction events, teammate notes, and handoff files (SKILL.md).
    • Boundary markers: No specific boundary markers or instructions to ignore embedded commands within the ingested files are defined.
    • Capability inventory: The orchestration lead has the capability to spawn sub-agents (teammates), message agents, and read or write files (SKILL.md).
    • Sanitization: The instructions do not define any sanitization, validation, or filtering of the content read from teammate files before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 18, 2026, 01:36 PM