Skills
skills/hungv47/meta-skills/orchestrate-meta/Gen Agent Trust Hub

orchestrate-meta

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill employs dynamic context injection to execute benign shell commands, such as find and git log, for project state discovery when the skill is loaded.
  • [COMMAND_EXECUTION]: It invokes a local script manifest-sync.ts via bun to synchronize the project manifest, which is a standard administrative task for this skill set.
  • [PROMPT_INJECTION]: The skill processes various local project files to classify user intent, creating an indirect prompt injection surface. Evidence: (1) Ingestion points: Files in research/, brand/, architecture/, and .agents/ directories; (2) Boundary markers: Absent; (3) Capability inventory: Shell access (Bash) and file system access (Read, Grep, Glob); (4) Sanitization: Absent.
  • [SAFE]: The orchestrator reads multiple project directories to build a state map, which is necessary for its core function of routing tasks based on existing progress.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 04:31 PM