orchestration
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill facilitates complex multi-agent workflows where agents read codebase files and coordinate via a shared task list. This creates a surface where malicious content within processed source files could influence the orchestrator or teammates. * Ingestion points: Agents are instructed to read source files, logs, and configurations during audit and diagnosis tasks (e.g., in references/domains.md). * Boundary markers: The documentation recommends file partitioning but does not specify the use of delimiters or 'ignore instructions' blocks to sanitize data passed to agents. * Capability inventory: The lead agent has the authority to spawn multiple sub-agents, message teammates, and manage tasks. * Sanitization: No input validation or content escaping is mentioned for data retrieved from external files.
- [EXTERNAL_DOWNLOADS]: External Package and Repository References. The skill refers to external software and repositories to support the orchestration workflow. * Package Reference: Recommends running bunx ccrecall sync for session analytics (references/task-management.md). * Pattern Source: Cites decomposition strategies from the mikekelly/claude-sneakpeek repository (references/domains.md).
Audit Metadata