superthread
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation references an installation command for the Superthread CLI via a Homebrew tap (
steveclarke/tap/superthread). This resource is owned by the skill author and is considered a vendor-controlled asset. - [COMMAND_EXECUTION]: The skill is designed to interact with the system by executing shell commands through the
suthCLI tool to perform project management tasks. - [PROMPT_INJECTION]: The skill processes data retrieved from the Superthread API (such as card content and comments), which introduces a potential surface for indirect prompt injection.
- Ingestion points: External data is fetched through commands like
suth cards get,suth search query, andsuth comments getas described inSKILL.md. - Boundary markers: The instructions do not define specific delimiters or guardrails to differentiate between Superthread data and agent instructions.
- Capability inventory: The skill executes CLI commands and provides the ability to open resources in a web browser using the
--openor-oflags. - Sanitization: There is no evidence of data sanitization or filtering applied to the content retrieved from the external API before it is presented to the agent.
Audit Metadata