task-coordinator
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill defines structured patterns for managing complex workflows using a built-in task system. This involves standard operations like creating tasks, updating status, and tracking dependencies.
- [PROMPT_INJECTION]: The orchestration logic defines a surface for indirect prompt injection through its use of a local ledger file and dynamic task prompts, though it is used for legitimate workflow management.
- Ingestion points: Workflow state is read from
.agents/workflow-ledger.yml. - Boundary markers: No explicit delimiters or boundary markers are defined in the orchestration templates.
- Capability inventory: The skill uses native Task functions (
TaskCreate,TaskUpdate,Task()) for subagent invocation, state management, and file writing to the ledger path. - Sanitization: No explicit sanitization of ledger content is shown, as the data is primarily used for internal workflow metadata and status tracking.
- [SAFE]: The skill utilizes platform-specific configuration commands (e.g.,
/majestic:config) and environment variables for managing task tracking settings and cross-session persistence, which are consistent with the intended functionality of the orchestration tool.
Audit Metadata