Scan Report
5 /100
complex-task-orchestrator
复杂任务编排与分治。当任务涉及批量操作、多步骤工程、sub-agent可能翻车的场景时激活。提供预记录防崩溃丢失、分治策略、超时管控、上下文膨胀防护、失败恢复方案。
The skill is a legitimate complex-task orchestration utility for AI sub-agent coordination. No malicious behavior, credential theft, obfuscation, or undeclared capabilities detected.
Safe to install
No action needed. The skill is safe to use.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | WRITE | WRITE | ✓ Aligned | SKILL.md: checkpoint file writes to memory/YYYY-MM-DD.md and checkpoints directo… |
| Network | NONE | NONE | — | No network requests in any file |
| Shell | NONE | NONE | — | No subprocess, exec, or shell command execution |
| Environment | NONE | NONE | — | checkpoint.py only uses os.environ for CHECKPOINT_DIR construction, no sensitive… |
| Clipboard | NONE | NONE | — | No clipboard access |
| Browser | NONE | NONE | — | No browser access |
| Database | NONE | NONE | — | No database access |
| Skill Invoke | NONE | NONE | — | Only references other skills (company-research, excel-xlsx) declaratively in doc… |
File Tree
3 files · 21.8 KB · 577 lines Markdown 2f · 465L
Python 1f · 112L
├─
▾
references
│ └─
common-patterns.md
Markdown
├─
▾
scripts
│ └─
checkpoint.py
Python
└─
SKILL.md
Markdown
Security Positives
✓ SKILL.md provides comprehensive, well-documented task orchestration guidance with no hidden capabilities
✓ checkpoint.py is a simple, readable utility (112 lines) with no external dependencies, no obfuscation, and no credential access
✓ Doc-to-code alignment: declared filesystem WRITE (checkpoints) matches actual implementation
✓ No network requests, no shell execution, no environment variable harvesting
✓ No base64, no eval, no curl|bash, no IP addresses for exfiltration
✓ Checkpoint data stored locally in user directory only
✓ references/common-patterns.md is pure documentation with no executable content
✓ No supply chain risk: checkpoint.py has no external dependencies