coliseum-orchestrator
Warn
Audited by Socket on Jun 16, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS. The skill’s orchestration purpose largely matches its behavior, and it does not show direct credential theft, exfiltration, or malicious payload execution. The main risk is transitive trust: it autonomously dispatches to multiple unverified sub-skills/agents with broad tool access, including Bash, without providing provenance or version controls for those dependencies.
Confidence: 100%Severity: 60%
Audit Metadata