orchestrate
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The analyzed skill contains only markdown-based instructions and metadata. It does not include any scripts, binaries, or automated configuration files.
- [PROMPT_INJECTION]: The skill outlines a workflow that creates a surface for indirect prompt injection by having agents research a codebase and perform actions based on those findings.
- Ingestion points: Data enters the agent context during the 'Research' phase (SKILL.md) when the scout or orchestrator agents explore the codebase.
- Boundary markers: There are no instructions or delimiters provided to help the agent distinguish between code logic and potential embedded instructions in the files being researched.
- Capability inventory: The 'orchestrator' agent is granted 'Full tool access', and the 'reviewer' agent has 'bash' access (SKILL.md).
- Sanitization: No sanitization or verification steps are defined to filter or validate content retrieved from the codebase before it influences planning or implementation.
Audit Metadata