drive-orchestrate-plan
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The analyzed content describes a legitimate development orchestration workflow. The skill follows best practices for task delegation and state management without including malicious instructions or hidden payloads.
- [COMMAND_EXECUTION]: The skill involves the execution of local development tools, specifically git for repository management and user-defined validation scripts (tests, linting, builds). These operations are standard for the tool's intended use case as a technical lead agent and are restricted to the local filesystem.
- [DATA_EXFILTRATION]: Analysis of the instructions and templates confirms that no network operations or data exfiltration mechanisms are present. Communication is limited to local file system writes and internal tool calls.
- [PROMPT_INJECTION]: The skill incorporates a robust validation step where the primary agent reviews sub-agent outputs against project intent. This architecture serves as a defense-in-depth mechanism against unexpected or malicious behavior from the automated review/implementation loop.
Audit Metadata