orchestration-blackboard
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates multi-agent communication by allowing subagents to read and write to a shared 'blackboard' filesystem. This creates a surface for Indirect Prompt Injection, as an agent processing untrusted external data could write instructions into the blackboard that are subsequently executed or obeyed by other agents in the chain.
- Ingestion points:
SKILL.mddescribes the use ofcc_blackboard_readand thecc://blackboard/resource to load findings into an agent's context. - Boundary markers: Absent. The provided prompt templates in
SKILL.mddo not include delimiters or warnings to ignore instructions contained within the findings. - Capability inventory:
SKILL.mdexplicitly allows theBashandReadtools, providing high-privilege execution capabilities if an injection is successful. - Sanitization: Absent. There is no evidence of sanitization or validation of the content within the
findingsfield before it is consumed by downstream agents.
Audit Metadata