strategic-thinker
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a reasoning framework for senior-level architectural analysis. It directs the agent to classify user requests, ground them in codebase/web reality, and apply systems thinking lenses (e.g., Zoom Stack, Stress Test).
- [PROMPT_INJECTION]: Potential Indirect Prompt Injection surface. The skill instructions require the agent to ingest data from external sources like web search results and codebase files, which could contain adversarial instructions.
- Ingestion points: Step 1 in
SKILL.md(Codebase exploration, Web research, Browser usage). - Boundary markers: Absent; the skill does not instruct the agent to use specific delimiters or ignore instructions within external data.
- Capability inventory: Sub-agent dispatch, file system reads (via exploration), web search, and browser access (via MCPs).
- Sanitization: Absent; the skill relies on the agent's internal safety filters.
- [EXTERNAL_DOWNLOADS]: The skill recommends using web search and browsers to gather information on architectural patterns and prior art. These are used for information gathering and do not involve executing untrusted binaries or scripts.
Audit Metadata