agent-orchestrator
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements a robust orchestration logic for complex engineering tasks, utilizing strict phase gates and specialized agent roles to ensure work quality.
- [COMMAND_EXECUTION]: The instructions direct the agent to identify and execute validation commands (e.g., test, lint, build) discovered within repository files like package.json or pyproject.toml. This is legitimate and expected functionality for a development orchestration tool.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection by processing untrusted repository data to determine execution steps.
  1. Ingestion points: README.md, package.json, pyproject.toml, and CI configurations.
  2. Boundary markers: Absent for external file ingestion.
  3. Capability inventory: Execution of discovered validation commands (subprocess) and file modifications via delegated agents.
  4. Sanitization: Absent, though the multi-agent review process acts as a functional verification gate.
Audit Metadata