cross-agent-coordination

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the PyYAML package for parsing project configurations and task metadata, which is installed via standard Python package managers.
  • [COMMAND_EXECUTION]: Several scripts (gh_git.py, task_scaffold.py) utilize the subprocess module to execute Git CLI commands for repository management, such as cloning, branching, committing, and pushing code. These commands are executed without a shell and use controlled arguments.
  • [DATA_EXFILTRATION]: The skill interacts with the official GitHub API (api.github.com) to manage Pull Requests and perform repository updates. These network operations are intrinsic to the skill's primary function of cross-agent coordination and target a well-known, trusted service.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes task descriptions and goals from markdown files (project-tasks.md) and interpolates them into PR descriptions or email drafts.
  • Ingestion points: Task definitions are read from project-level markdown files and folder-specific READMEs via collab_lib.py.
  • Boundary markers: Uses standard markdown heading levels to identify task sections.
  • Capability inventory: Includes the ability to perform Git operations and create/merge GitHub Pull Requests via gh_git.py.
  • Sanitization: Implements slug sanitization for branch naming, though task content is passed to downstream templates as provided.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 08:33 AM
Security Audit — agent-trust-hub — cross-agent-coordination