conductor-implement

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs automated development tasks including git operations and test execution. It uses 'git add -A' and 'git commit' to manage task status and runs test commands like 'npm test' or 'pytest' to verify code changes. These actions are aligned with the skill's primary purpose and are governed by manual approval gates.
  • [PROMPT_INJECTION]: The skill processes untrusted project data, creating a surface for indirect prompt injection.
    1. Ingestion points: Task plans and requirement specifications (plan.md, spec.md).
    2. Boundary markers: The skill follows a strict phase structure but lacks explicit delimiters to ignore embedded instructions in plan files.
    3. Capability inventory: Git commits, test execution, and directory cleanup.
    4. Sanitization: No explicit sanitization of input data from plan or spec files is implemented.
    Risk is mitigated by the requirement for user approval before phase transitions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 01:43 PM