conductor-status
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns such as remote code execution, persistence mechanisms, or credential theft were found. The skill operates within its stated purpose of project status reporting.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its data processing requirements.
- Ingestion points: Content is ingested from
conductor/product.md,conductor/tracks.md,conductor/tracks/{trackId}/plan.md,conductor/tracks/{trackId}/spec.md, andconductor/tracks/{trackId}/metadata.json. - Boundary markers: Absent. The instructions do not specify delimiters for external data or provide directives to the agent to ignore instructions found within the project files.
- Capability inventory: The skill is restricted to reading local files and formatting text. No high-risk capabilities such as network communication, file writing, or subprocess execution are invoked.
- Sanitization: Absent. There is no evidence of validation or filtering for the content read from the local markdown and JSON files.
Audit Metadata