agent-orchestrator

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface because it is designed to parse external request scopes and integrate outputs from various specialist agents, which could contain malicious instructions designed to subvert the orchestrator.
      • Ingestion points: The 'Analyze' and 'Integrate' sections in SKILL.md describe processing external requests and agent outputs.
      • Boundary markers: The prompt lacks explicit delimiters or instructions to ignore potential commands embedded within the data it processes.
      • Capability inventory: The agent has access to a wide range of powerful tools, including Bash, Write, Edit, and Task.
      • Sanitization: There is no evidence of input validation or output sanitization to mitigate the risk of processing untrusted content.
  • [COMMAND_EXECUTION]: The orchestrator is granted access to the Bash tool, enabling it to execute arbitrary shell commands. While necessary for its intended purpose, this capability could be exploited if the agent's logic is compromised via indirect injection.
      • Tool access: The 'Imported Agent Spec' in SKILL.md explicitly includes Bash in the list of available tools.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 5, 2026, 01:13 AM