skills/stablyai/orca/orchestration/Gen Agent Trust Hub

orchestration

Pass

Audited by Gen Agent Trust Hub on May 27, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill facilitates indirect prompt injection by design. It enables the flow of instructions and data between multiple agents, where one agent's output can be injected into another agent's context.
  • Ingestion points: Messages from other agents are received via orca orchestration check and terminal output is read via orca terminal read (SKILL.md).
  • Boundary markers: The skill does not define explicit boundary markers or instructions to ignore embedded commands within the passed data.
  • Capability inventory: The skill can execute commands via orca terminal create --command, send text to shells via orca terminal send, and inject preambles into other agents via orca orchestration dispatch --inject (SKILL.md).
  • Sanitization: No sanitization or validation of the content being passed between agents is described in the command surface.
  • [COMMAND_EXECUTION]: The terminal management interface allows for arbitrary command execution.
  • Evidence: The command orca terminal create --command <cmd> allows launching any shell command in a new terminal. Additionally, orca terminal send --text <text> can be used to execute commands in existing terminal sessions (SKILL.md).
Audit Metadata
Risk Level
SAFE
Analyzed
May 27, 2026, 02:09 AM
Security Audit — agent-trust-hub — orchestration