implement-incremental

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs Git operations (branching, committing, and PR creation) and file system modifications (updating plan manifests and phase files). These actions are aligned with its stated purpose as a development orchestrator and require user confirmation at key steps, such as phase boundaries and final completion.
  • [INDIRECT_PROMPT_INJECTION]: The orchestrator ingests data from external files which could potentially contain instructions aimed at subagents. This represents a known attack surface for multi-agent workflows.
  • Ingestion points: The skill reads implementation plans from plan/README.md, task definitions from plan/phase-N.md, and project rules from CONSTITUTION.md.
  • Boundary markers: The skill uses YAML frontmatter and markdown structural headers to delimit metadata from task instructions, which helps maintain context for subagents.
  • Capability inventory: The orchestrator has the capability to spawn subagents via the platform's agent tools and modify files across the repository using file-writing tools.
  • Sanitization: The skill mitigates risks by implementing mandatory human-in-the-loop confirmation gates at every phase boundary, allowing users to review all agent outputs and detected drift before the workflow proceeds.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 10:41 AM
Security Audit — agent-trust-hub — implement-incremental