orchestration
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [Command Execution] (LOW): The orchestration patterns rely on executing commands via 'npx cc-mirror' to manage task lifecycles and dependencies. This is the intended primary functionality of the skill.
- [Prompt Injection] (LOW): The skill identifies patterns for ingesting untrusted data, creating a surface for indirect prompt injection. Ingestion points: PR descriptions and comments in 'code-review.md', external source code in 'research.md', and user event logs in 'data-analysis.md'. Boundary markers: None explicitly defined in the pattern documentation. Capability inventory: Sub-agent spawning with broad task instructions and CLI-based task manipulation. Sanitization: No sanitization of ingested content is mentioned in the orchestration logic.
- [External Downloads] (LOW): The use of 'npx' facilitates the execution of the 'cc-mirror' package, which is not included in the trusted source list. This risk is inherent to the functional design of the task-tracking framework.
Audit Metadata