reasoning-router
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script (scripts/problem-classifier.py) using the !uv run command. This script performs deterministic keyword-based classification of user input to suggest routing. This is a standard functional component of the skill architecture.
- [PROMPT_INJECTION]: The skill ingests user input and analyzes it for specific keywords to determine which thinking method to use. This presents a surface for indirect prompt injection where crafted input could manipulate tool selection or resource expenditure.
  - Ingestion points: The problem text provided in $ARGUMENTS is passed directly to the classification script.
  - Boundary markers: Absent; the classifier analyzes the raw string without markers separating user data from system logic.
  - Capability inventory: The skill has the capability to invoke 11 different reasoning MCPs and execute local scripts via subprocesses.
  - Sanitization: The script uses basic normalization and regex escaping for patterns but does not sanitize the input for adversarial keyword injection intended to influence routing logic.
Audit Metadata