maestro-revert

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs extensive Git operations, including git log, git cat-file, and git revert, to automate the rollback of implementation work.
  • [COMMAND_EXECUTION]: It interacts with a custom CLI tool br (e.g., br list, br update) to synchronize the status of reverted tasks with the Beads tracking system.
  • [COMMAND_EXECUTION]: The workflow concludes by executing a project-specific verification command ({test_command}) to ensure stability after changes.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it parses data (SHAs and IDs) from local files that could be modified by an attacker.
      • Ingestion points: Reads from .maestro/tracks.md, .maestro/tracks/{track_id}/plan.md, and metadata.json.
      • Boundary markers: None identified; the skill processes the content of these files without specific delimiters for untrusted input.
      • Capability inventory: The skill can execute Git commands, the br CLI tool, and any user-defined test command.
      • Sanitization: The skill does not describe any sanitization or strict validation logic for the values parsed from local tracking files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 26, 2026, 09:31 PM