sc-hypothesize
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is flagged for indirect prompt injection because it turns a user-supplied problem statement into a directory slug that it then uses for persistence, without treating that input as untrusted.
- Ingestion points: The $ARGUMENTS variable in SKILL.md captures the user's decision or problem statement.
- Boundary markers: There are no explicit delimiters or instructions telling the model to treat the user input as untrusted data.
- Capability inventory: The skill performs file system reads (Read, Grep, Glob) and writes history files to .agent-history/reasoning/<slug>/.
- Sanitization: The slug generation logic does not strip path traversal sequences such as '..' (and, by extension, path separators), so a crafted problem statement could cause the agent to write files outside the intended history directory.
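The following is an added illustration of the sanitization finding, not code from the sc-hypothesize skill or from the audit. The skill's real slug logic is not shown on this page, so naive_slug is a hypothetical reconstruction of the failure mode (a slug that keeps '.', '/' and '\'), and HISTORY_ROOT, safe_slug, escapes_root and history_dir are names chosen here. The hardened path does two independent things: it reduces the slug to [a-z0-9-], and it still proves that the resolved directory sits under the history root before anything is written, so a later change to the slug function cannot silently reopen the traversal.

```python
import re
import unicodedata
from pathlib import Path

# Assumed base directory, taken from the audit's capability inventory.
HISTORY_ROOT = Path(".agent-history/reasoning")


def naive_slug(problem: str) -> str:
    """Hypothetical unsafe slug: lowercases and joins words on '-', but
    leaves '.', '/' and '\\' intact, so '../../etc/cron.d' survives as-is."""
    return "-".join(problem.lower().split())


def safe_slug(problem: str, max_len: int = 64) -> str:
    """Reduce the problem statement to [a-z0-9-]: fold accents to ASCII,
    replace every run of other characters with a single '-', trim dashes,
    cap the length, and fall back to a fixed name if nothing is left."""
    text = unicodedata.normalize("NFKD", problem).encode("ascii", "ignore").decode()
    text = re.sub(r"[^a-z0-9]+", "-", text.lower()).strip("-")
    text = text[:max_len].strip("-")
    return text or "untitled"


def escapes_root(slug: str, root: Path = HISTORY_ROOT) -> bool:
    """True when root/slug resolves to a location outside root.
    Path joining with an absolute slug discards root entirely, and '..'
    components walk upward, so both are caught by comparing resolved paths."""
    base = root.resolve()
    target = (root / slug).resolve()
    return base != target and base not in target.parents


def history_dir(problem: str, root: Path = HISTORY_ROOT) -> Path:
    """Directory the agent may persist reasoning for this problem into.
    Sanitize first, then independently verify containment before use."""
    slug = safe_slug(problem)
    if escapes_root(slug, root):
        raise ValueError(f"refusing to write outside {root.resolve()}: {slug!r}")
    return root / slug


if __name__ == "__main__":
    # Constructed inputs: one ordinary problem statement, one traversal attempt.
    for stmt in ("Should we migrate the auth service to OIDC?", "../../etc/cron.d"):
        print(f"{stmt!r}: naive={naive_slug(stmt)!r} escapes={escapes_root(naive_slug(stmt))}"
              f" safe={safe_slug(stmt)!r} dir={history_dir(stmt)}")
```

The containment check is the defence that matters: even if a future edit to safe_slug lets a stray separator through, history_dir still refuses a target that resolves above .agent-history/reasoning. A skill that accepts $ARGUMENTS should apply the equivalent check before any Write call, not after.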
Audit Metadata