si
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill identifies user intent from the $ARGUMENTS variable and passes it to secondary skills like /superintelligence, /v, and /ultrawork. This interpolation of untrusted data without sanitization or boundary markers creates a vulnerability to indirect prompt injection. \n- Ingestion points: $ARGUMENTS in SKILL.md. \n- Boundary markers: No delimiters or explicit warnings are used to separate user input from agent instructions. \n- Capability inventory: The skill routes to agents capable of executing code, building applications, and performing parallel tasks (/v, /ultrawork). \n- Sanitization: No escaping or validation is performed on the user-provided arguments.
Audit Metadata