aigw-orchestrator
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a high-level orchestrator for infrastructure deployment tasks. It functions by interviewing the user and generating calls to other atomic skills.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill follows security best practices by explicitly instructing the agent to create Kubernetes Secrets for API keys and provides a clear warning: 'never hardcode keys in YAML'.
- [INDIRECT_PROMPT_INJECTION]: The skill has an ingestion surface, as it takes user input via 'Intake Questions' to parameterize downstream skill calls. However, accepting this input is the primary intended purpose of an orchestrator, and no exploitation patterns were found.
- [EXTERNAL_DOWNLOADS]: References to external AI providers like OpenAI and Anthropic are limited to their official, well-known API endpoints for configuration purposes.