track-management
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes specialized CLI commands
/conductor:new-trackand/conductor:revertfor lifecycle operations. These appear to be environment-specific tools associated with the track management system. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it interprets external data to perform actions.
- Ingestion points: User-provided requirements gathered through interactive Q&A and content from
spec.mdorplan.mdfiles. - Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are defined in the file templates to isolate untrusted content.
- Capability inventory: The skill executes CLI commands (
/conductor:*) and performs file system writes and modifications across multiple files (tracks.md,metadata.json,spec.md,plan.md). - Sanitization: There are no explicit instructions to sanitize or validate the content of the requirements before using them to generate implementation plans or metadata.
Audit Metadata