ultrawork
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill orchestrates the execution of shell commands and subagent tasks in parallel. Examples include running software builds and test suites using background execution parameters.
- [EXTERNAL_DOWNLOADS]: Mentions the use of standard package managers like npm for project dependency management in its usage examples.
- [PROMPT_INJECTION]: The architectural design involves passing user-provided task descriptions to subagents ('oh-my-claudecode:executor'), creating a surface for indirect prompt injection.
  1. Ingestion points: Task descriptions are passed directly to subagents via the 'Task' tool.
  2. Boundary markers: No delimiters or explicit safety warnings for subagents are defined in the instructions.
  3. Capability inventory: The skill has the capability to trigger shell commands and environment modifications through subagents.
  4. Sanitization: There is no evidence of input validation or escaping for user-provided prompts before they are delegated to subagents.
Audit Metadata