orchestration
Pass
Audited by Gen Agent Trust Hub on May 27, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates indirect prompt injection by design. It enables the flow of instructions and data between multiple agents, where one agent's output can be injected into another agent's context.
- Ingestion points: Messages from other agents are received via
orca orchestration checkand terminal output is read viaorca terminal read(SKILL.md). - Boundary markers: The skill does not define explicit boundary markers or instructions to ignore embedded commands within the passed data.
- Capability inventory: The skill can execute commands via
orca terminal create --command, send text to shells viaorca terminal send, and inject preambles into other agents viaorca orchestration dispatch --inject(SKILL.md). - Sanitization: No sanitization or validation of the content being passed between agents is described in the command surface.
- [COMMAND_EXECUTION]: The terminal management interface allows for arbitrary command execution.
- Evidence: The command
orca terminal create --command <cmd>allows launching any shell command in a new terminal. Additionally,orca terminal send --text <text>can be used to execute commands in existing terminal sessions (SKILL.md).
Audit Metadata