maestro-status
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes local command-line utilities 'br' and 'bv' to retrieve epic status and robot-generated insights. These tools are used to gather JSON-formatted data regarding task completion and project health. The arguments for these commands are derived from local metadata files.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it parses content from external files such as 'plan.md' and 'tracks.md' which may contain untrusted data.
  - Ingestion points: Reads project data from '.maestro/tracks.md', 'metadata.json', and 'plan.md'.
  - Boundary markers: None; the skill parses the content of these files without specific delimiters to isolate data from instructions.
  - Capability inventory: The skill can execute local 'br' and 'bv' commands and suggest subsequent 'maestro' commands to the user.
  - Sanitization: The skill lacks explicit sanitization or validation logic for the text parsed from the markdown plans.