thread-pro
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [SAFE]: The skill consists exclusively of Markdown documentation and templates. It does not include any executable code, scripts, or system-level commands.
- [NO_CODE]: There are no executable files, scripts, or programming logic provided in the skill package.
- [PROMPT_INJECTION]: Indirect prompt injection surface evaluation: 1. Ingestion points: User input enters via 'thread about [topic]' triggers in SKILL.md. 2. Boundary markers: Absent; the agent is instructed to process user topics using provided templates without explicit delimiters. 3. Capability inventory: Analysis of all files reveals zero subprocess calls, exec/eval, file-write, or network operations. 4. Sanitization: Absent. Findings: The surface exists but lacks any exploitable capabilities.
Audit Metadata