team
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill orchestrates parallel AI workers by executing shell commands such as
omx,tmux,git, andnpm. This is the intended operational mode for the team management functionality. - [PROMPT_INJECTION]: Task descriptions provided by users are passed as arguments to the coordination CLI, serving as a direct input to the AI workers.
- [PROMPT_INJECTION]: The skill processes context data from snapshots in the
.omx/context/directory (ingestion point). These files are incorporated into the worker context without explicit boundary markers or sanitization. Coordinated workers possess capabilities to execute shell commands and modify the local filesystem (capability inventory).
Audit Metadata