cross-agent-coordination
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the
PyYAMLpackage for parsing project configurations and task metadata, which is installed via standard Python package managers. - [COMMAND_EXECUTION]: Several scripts (
gh_git.py,task_scaffold.py) utilize thesubprocessmodule to execute Git CLI commands for repository management, such as cloning, branching, committing, and pushing code. These commands are executed without a shell and use controlled arguments. - [DATA_EXFILTRATION]: The skill interacts with the official GitHub API (
api.github.com) to manage Pull Requests and perform repository updates. These network operations are intrinsic to the skill's primary function of cross-agent coordination and target a well-known, trusted service. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes task descriptions and goals from markdown files (
project-tasks.md) and interpolates them into PR descriptions or email drafts. - Ingestion points: Task definitions are read from project-level markdown files and folder-specific READMEs via
collab_lib.py. - Boundary markers: Uses standard markdown heading levels to identify task sections.
- Capability inventory: Includes the ability to perform Git operations and create/merge GitHub Pull Requests via
gh_git.py. - Sanitization: Implements slug sanitization for branch naming, though task content is passed to downstream templates as provided.
Audit Metadata