Coding Swarm Agent
Pass
Audited by VirusTotal on Mar 22, 2026.
Findings (1)
The ayao-workflow-agent is a complex multi-agent orchestration system that manages tasks via tmux sessions and shell scripts. It is classified as suspicious due to its high-risk operational model, which includes explicitly bypassing AI security sandboxes (using flags like --dangerously-bypass-approvals-and-sandbox in references/prompt-codex.md), installing git post-commit hooks for automated code execution and remote pushing (scripts/install-hooks.sh), and granting the orchestrator broad shell execution capabilities. While internal documentation (docs/review-2026-03-22.md) identifies critical vulnerabilities such as RCE and path traversal as unintentional flaws, the system's design grants an AI agent significant autonomous control over the host environment. Key files involved include SKILL.md for orchestration logic and scripts/dispatch.sh for command execution.
