agent-orchestrator-task
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands within its lifecycle hooks for logging and timestamping. The pre-hook executes echo, date, and tail commands while the post-hook executes echo and date commands.
- [PROMPT_INJECTION]: The skill is designed to decompose complex objectives and synthesize results from multiple agents, creating a surface for indirect prompt injection.
- Ingestion points: The skill ingests untrusted data via user-provided 'complex objectives' and aggregated results from 'downstream agents' as described in SKILL.md.
- Boundary markers: There are no explicit delimiters or instructions provided to the LLM to ignore potentially malicious instructions embedded in the agent outputs it synthesizes.
- Capability inventory: The skill has the capability to execute shell commands in its hooks and interacts with specialized agents such as GitHub and Testing agents that may have broader system access.
- Sanitization: There is no evidence of input validation, escaping, or sanitization of external agent data before processing or result synthesis.
Audit Metadata