extended-thinking
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted text input which could contain malicious instructions. | Ingestion points: prompt parameter in both Python and TypeScript templates. | Boundary markers: Absent. | Capability inventory: Anthropic API message creation; no file-write or command execution capabilities. | Sanitization: Absent.
- [Unverifiable Dependencies] (LOW): Uses official SDKs from a trusted source. | Evidence: anthropic (Python) and @anthropic-ai/sdk (Node.js) are maintained by the trusted Anthropic organization.
Audit Metadata