orchestrate-marketing
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and parsing content from various project files in the
research/,brand/, and.agents/directories. While primarily used for state detection, malicious content in these files could attempt to influence the agent's orchestration logic. - [COMMAND_EXECUTION]: The skill utilizes dynamic context injection (the
!syntax) inSKILL.mdto execute shell commands likefind,git log, and directory checks at load time. These specific implementations are benign and diagnostic in nature, as they do not incorporate user-supplied arguments or target sensitive system directories. - [COMMAND_EXECUTION]: The instructions direct the agent to execute a local TypeScript script (
manifest-sync.ts) using thebunruntime to synchronize project metadata. This relies on the security and integrity of the local file environment.
Audit Metadata