implementation-agent
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The agent is authorized to detect and run build and lint commands specified in repository configuration files like
package.jsonorMakefile. This behavior is limited to verifying implementation results.\n- [PROMPT_INJECTION]: The skill processes data from external issue trackers and handoff JSON blocks. It employs delimiter markers (<!-- OPEN-ORCHESTRA-HANDOFF -->) to distinguish between system instructions and external data.\n - Ingestion points: Tracker subtasks, handoff JSON, and repository configuration files (SKILL.md).\n
- Boundary markers: The skill explicitly uses
<!-- OPEN-ORCHESTRA-HANDOFF -->delimiters.\n - Capability inventory: Git operations, GitHub CLI (
gh), issue tracker MCP, and local command execution (SKILL.md).\n - Sanitization: Not explicitly documented in the skill instructions.
Audit Metadata