1k-group-think
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill utilizes official environment variables and standard multi-agent orchestration tools (TeamCreate, SendMessage) as intended for developer productivity within the OneKey environment. All patterns are consistent with vendor-provided analytical tools.\n- [COMMAND_EXECUTION]: The skill gathers context using the Task tool and git log. These operations are restricted to information gathering and do not involve executing untrusted or arbitrary commands at runtime.\n- [PROMPT_INJECTION]: The skill exhibits a standard vulnerability surface for indirect prompt injection by processing external codebase content and user descriptions.\n
- Ingestion points: User-provided descriptions (Step 1) and file contents retrieved from the repository during the exploration phase (Step 2).\n
- Boundary markers: The Context Brief uses Markdown headers (e.g., ### Key Code Snippets) to separate data, but lacks explicit instructions to treat all embedded content as data only.\n
- Capability inventory: Analysis agents can use Task (to spawn general-purpose subagents), SendMessage, and AskUserQuestion. However, the skill explicitly prohibits agents from making file changes or implementing code.\n
- Sanitization: No sanitization of code content or git logs is performed before the data is passed into the agent's context.
Audit Metadata