sc-spawn
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONNO_CODE
Full Analysis
- PROMPT_INJECTION (HIGH): The skill presents a significant Indirect Prompt Injection surface (Category 8). Ingestion points: The 'task' argument in the /sc:spawn command. Boundary markers: None specified in instructions. Capability inventory: 'file operations' and 'executing subtasks'. Sanitization: None described. Malicious instructions embedded in a task description could be executed with agent privileges.
- NO_CODE (INFO): The skill consists exclusively of markdown documentation and contains no executable scripts or logic files for analysis.
Recommendations
- AI detected serious security threats
Audit Metadata