orchestrate-marketing

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and parsing content from various project files in the research/, brand/, and .agents/ directories. While primarily used for state detection, malicious content in these files could attempt to influence the agent's orchestration logic.
  • [COMMAND_EXECUTION]: The skill utilizes dynamic context injection (the ! syntax) in SKILL.md to execute shell commands like find, git log, and directory checks at load time. These specific implementations are benign and diagnostic in nature, as they do not incorporate user-supplied arguments or target sensitive system directories.
  • [COMMAND_EXECUTION]: The instructions direct the agent to execute a local TypeScript script (manifest-sync.ts) using the bun runtime to synchronize project metadata. This relies on the security and integrity of the local file environment.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 04:04 PM
Security Audit — agent-trust-hub — orchestrate-marketing