Skills
skills/sickn33/antigravity-awesome-skills/conductor-manage/Gen Agent Trust Hub

conductor-manage

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes several file system and version control commands to manage the project structure.
  • Evidence: Uses rm -rf, mv, and mkdir -p to manipulate directories within conductor/tracks/ as described in the 'Execute Archive', 'Execute Restore', and 'Execute Delete' sections of resources/implementation-playbook.md.
  • Evidence: Executes git add and git commit to track changes to the project state.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from files within the user's repository.
  • Ingestion points: Reads track information and status from conductor/tracks.md, metadata.json, and plan.md across multiple modes (List, Archive, Cleanup).
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore potentially malicious content within these files.
  • Capability inventory: The skill has the ability to delete files (rm -rf), move files (mv), and commit changes to the repository.
  • Sanitization: While the skill mandates a specific ID format ({shortname}_{YYYYMMDD}) for new tracks, it does not specify sanitization or escaping for existing content read from the file system before it is used in logic or display.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 12:04 PM