proof-orchestrator

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill defines a set of guidelines for evidence-based verification of claims (e.g., 'test_proven', 'runtime_proven'). It does not contain any executable code, scripts, network operations, or sensitive file access.\n- [INDIRECT_PROMPT_INJECTION]: The skill processes user-supplied claims and data to determine the appropriate 'proof level'. While this creates a surface where untrusted data enters the agent context, the skill's instructions focus on rigorous verification and source inspection, which is a security best practice.\n
  • Ingestion points: User-provided claims processed via instructions in SKILL.md.\n
  • Boundary markers: None explicitly defined in this orchestration layer.\n
  • Capability inventory: Logic routes tasks to other tools or skills (e.g., $diagnose, $verify-this, browser, CLI, GitHub CI).\n
  • Sanitization: Not applicable; the skill serves as a logical workflow for verification rather than a data processing tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 05:53 PM
Security Audit — agent-trust-hub — proof-orchestrator