conductor-new-track
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns were detected in the skill instructions or metadata. The logic is focused on a structured documentation workflow.
- [DATA_EXPOSURE]: The skill accesses local project files (
conductor/product.md,conductor/tech-stack.md,conductor/workflow.md) to gather context. These are localized configuration files used for the skill's intended purpose and do not represent a risk of system-level data exposure. - [COMMAND_EXECUTION]: The skill recommends follow-up actions to the user in the form of other skill commands (e.g.,
/conductor:implement,/conductor:status). It does not usesubprocess,os.system, or similar functions to execute arbitrary shell commands directly. - [INDIRECT_PROMPT_INJECTION]: The skill ingests user-provided text (summaries, user stories) and project context to populate Markdown templates. While this represents a potential surface for indirect injection, the risk is minimal as the output is restricted to documentation files within the project workspace and is subject to user review. (Note: Evidence indicates ingestion points in
SKILL.mdvia user prompts; boundary markers are present in the form of structured Markdown templates; capability inventory is limited to file-write operations within the project folder).
Audit Metadata