si

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill identifies user intent from the $ARGUMENTS variable and passes it to secondary skills like /superintelligence, /v, and /ultrawork. This interpolation of untrusted data without sanitization or boundary markers creates a vulnerability to indirect prompt injection. \n- Ingestion points: $ARGUMENTS in SKILL.md. \n- Boundary markers: No delimiters or explicit warnings are used to separate user input from agent instructions. \n- Capability inventory: The skill routes to agents capable of executing code, building applications, and performing parallel tasks (/v, /ultrawork). \n- Sanitization: No escaping or validation is performed on the user-provided arguments.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 06:40 AM
Security Audit — agent-trust-hub — si