Skills
skills/sickn33/antigravity-awesome-skills/conductor-implement/Gen Agent Trust Hub

conductor-implement

Warn

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill constructs shell commands using data parsed from local project files. Specifically, 'git commit -m "{commit_prefix}: {task description} ({trackId})"' uses variables extracted from plan.md and metadata.json. If these fields contain shell metacharacters such as backticks or semicolons, it could lead to arbitrary command execution.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes and follows instructions from untrusted data in project files. 1. Ingestion points: conductor/tracks/{trackId}/plan.md, metadata.json, and workflow.md. 2. Boundary markers: Absent. 3. Capability inventory: Execution of git commands and test runners (npm, pytest), and file system modifications. 4. Sanitization: No evidence of validation or escaping for the content of parsed fields before their use in command generation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 28, 2026, 12:04 PM