sequential-thinking
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The instructions in SKILL.md use authoritative language like 'IMPORTANT' and 'MUST' to mandate specific reasoning steps and require user interaction for simple tasks, which can override default agent behavior.
- [PROMPT_INJECTION]: The skill is designed to process arbitrary user tasks through its sequential thinking framework, creating an indirect injection surface.
  - Ingestion points: User-provided problem descriptions enter the reasoning context through the multi-step methodology.
  - Boundary markers: There are no specific delimiters or instructions to ignore potential commands embedded in the user data.
  - Capability inventory: The skill uses local Node.js scripts that can write to the local filesystem.
  - Sanitization: Input validation in scripts/process-thought.js checks data types but does not sanitize the contents of the thoughts being processed.
- [COMMAND_EXECUTION]: The skill includes two Node.js scripts, process-thought.js and format-thought.js, which are used to manage state and format output. These scripts are executed locally and perform file system operations to maintain a thought history file.
Audit Metadata