multi-model-orchestrator
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation suggests using standard CLI utilities such as
mkdir,cp, andcatfor managing handoff files within the local.claude/handoffs/directory. - [DATA_EXFILTRATION]: The skill includes explicit security guidance in its README and FAQ, advising users to review handoff files for secrets, credentials, or sensitive customer data before committing them to version control repositories.
- [PROMPT_INJECTION]: The skill facilitates a workflow where agents read and follow instructions from external YAML files. While this is the intended design, it creates a surface for indirect prompt injection if an agent is asked to process a handoff file from an untrusted source.
- [EXTERNAL_DOWNLOADS]: Reference documentation for an example scenario mentions standard library dependencies like
jsonwebtokenandbcrypt, which are used for building the target application, not as dependencies of the skill itself.
Audit Metadata