skill-orchestrator
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs routine orchestration by reading local state files and routing commands to internal sub-skills via the Task tool. No malicious code, exfiltration, or persistence mechanisms were detected.
- [PROMPT_INJECTION]: An indirect prompt injection surface is present as the skill ingests content from the project's TODO.md file. Ingestion points: TODO.md. Boundary markers: Absent. Capability inventory: Task tool. Sanitization: Absent. This is a standard architectural pattern for this type of orchestration and is considered safe for the intended use case.
Audit Metadata