sprint-team
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: Several agent roles are instructed to interact with the local development environment using standard CLI tools. Specifically, the Coder, Integrator, and Validator roles utilize git and gh (GitHub CLI) for version control and pull request management.
- [COMMAND_EXECUTION]: The Researcher and Coder roles execute shell commands provided via template variables like {{ci_commands}} and {{coverage_command}}. This allows the skill to integrate with the project's existing test and verification toolchains.
- [PROMPT_INJECTION]: The skill has an inherent indirect prompt injection surface as agents ingest untrusted data from the codebase and pull request diffs during the Research and Validation phases. This data could potentially contain malicious instructions intended to influence the agent's output, though this is a standard risk for coding agents and is mitigated by the multi-role review structure (e.g., Security Reviewer).
Audit Metadata