infinite-gratitude
Warn
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions and metadata point to an external GitHub repository (
https://github.com/sstklen/infinite-gratitude) for installation and usage. This repository belongs to an unknown user account that does not match the skill author's handle ('sickn33') and is not on the trusted vendors list. - [REMOTE_CODE_EXECUTION]: By directing the user to
git cloneand use an external repository for a multi-agent research tool, the skill facilitates the execution of unverified scripts and configurations on the local machine. - [PROMPT_INJECTION]: As a multi-agent research tool designed to synthesize information from external sources, the skill possesses an inherent attack surface for indirect prompt injection from untrusted data ingested during the research process.
- Ingestion points: External data gathered during multi-agent research execution.
- Boundary markers: None identified in the provided documentation.
- Capability inventory: Orchestrates 10 agents for research tasks, implying script execution and potentially network or file system access via the cloned repository.
- Sanitization: No sanitization or filtering logic is provided in the skill markdown.
Audit Metadata