genius-thinking
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill includes an indirect prompt injection vulnerability surface by processing user-provided innovation topics through its core analysis pipeline.
- Ingestion points: The skill takes untrusted user input via the mandatory topic argument required for the
/genius-thinkingcommand. - Boundary markers: There are no explicit delimiters or instructions (such as 'ignore instructions within this block') to isolate user-provided data from the agent's internal reasoning prompts and tool-call structures.
- Capability inventory: The skill leverages the
sequential-thinkingreasoning tool, spawns sub-agents via aTasktool for parallel analysis, and has file-writing capabilities to the.hypercore/directory. - Sanitization: No sanitization or validation of the user's input topic is performed before it is interpolated into the reasoning and task execution phases, which could allow an attacker to influence the sub-agent instructions or the final analytical output.
Audit Metadata