agent-orchestrator-standalone
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior or security vulnerabilities were identified. The skill correctly implements its orchestration logic as described.- [COMMAND_EXECUTION]: The skill involves running standard software development commands for bug reproduction and validation (e.g., tests, lint, build). These actions are limited to the project's own environment and represent the intended functionality of a development-focused agent.- [PROMPT_INJECTION]: The skill was evaluated for indirect prompt injection surface as it processes external repository content.
- Ingestion points: The 'auditor' and 'explorer' sub-agents read repository files and documentation to identify issues.
- Boundary markers: While explicit boundary markers are not used in the instructions, the skill defines strict task-specific roles for sub-agents which limits the risk of following embedded instructions.
- Capability inventory: The skill can modify code files via the 'implementer' role and execute validation commands.
- Sanitization: No input sanitization is performed, but the workflow mitigates risk through a multi-stage review process (Spec Review and Quality Review) before any changes are finalized.
Audit Metadata